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SOMETHING XL 
IS COMING IN APRIL 


ENTERPRISE-CLASS HARDWARE, RUNNING 
THE WORLD'S MOST POPULAR OPEN SOURCE 
STORAGE QPERATING SYSTEM. 


For more information on the FreeNAS Mini, 
visit Xsystems.com/mini today. 


Then, check back in April for something XL... 
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EDITORS’ WORD 


Dear Readers, 


The beautiful month of May is behind us and 
we are heading into the holiday period. Where 
are you going to spend your vacation? 


What's more, in the beginning of July, our 
American readers will celebrate Independence 
Day. We would like to wish you all the best for 
you and your families! We hope you will spend 
this day in peace, happiness, and joy. 


Moving on to this issue, it opens with industry 
news, as always. Next, you will read “FreeBSD 
Based Dual-Controller Storage System Con- 
cept’ by Mikhail E. Zakharov. This is the sec- 
ond great article out of three by this author. 


We are proud to introduce you to Natalia Porti- 
llo. She made a great comparison of MacOS 
and FreeBSD in her article “Benchmarks Mac 
OS X vs FreeBSD’. 


After her article, we have another (after the pre- 
vious issue), a GhostBSD related article 
“GhostBSD - Easy to Use, Yet Powerful” by Ka- 
lin Staykov. If you like this BSD, you will enjoy 
our interview with Eric Turgeon as well. 


“Server Automation for NodeJS over SSH with 
Nodemiral” by Ray Mahangoe explains what 
Nodemiral is and how to install it. 


iXsystems prepared a series of articles for you 
as well. Mark VonFange has shared “FreeNAS 
Getting Started Guide: Part 1, Planning and In- 
stallation” with us as the first installment in a 3 
part series. 


Finally, as always, you can find a great article 
by Rob Somerville about Barclays bank. 


Enjoy the reading and have a beautiful June! 
“Don’t count the days, make the days count” - 
Muhammad Ali. 


Marta & BSD Team 
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BSD World Monthly News 4 
by Marta Ziemianowicz 


This column presents the latest news coverage of 
breaking news events, product releases and trending 
topics. 


FreeBSD Corner 


FreeBSD Based Dual-Controller Storage System 
Concept 15 


by Mikhail E. Zakharov 


Nowadays, most of the modern and powerful block- 
level storage systems around the world are built to 
work in expensive Fibre Channel or cheaper iSCSI 
SAN environments. Independent of their class, capac- 
ity and performance, they are created on well-known 
principles, technologies and architectures. Further- 
more, some of these systems are using common serv- 
ers for their controller hardware with Linux or even 
AIX as storage operating systems on-board. 


Fight Club 


Benchmarks: MacOS X vs FreeBSD 46 
by Natalia Portillo 


Imagine you've got an old Macintosh sitting around 
and you think you may be able to use it for other pur- 
poses. You have some expertise on FreeBSD and 
feel quite confident using it. In this article, I'll try to ex- 
plore what’s better, to install Mac OS X until Apple 
stops supporting your exact model, or move on to 
FreeBSD. For this purpose, I'll explore several advan- 
tages and disadvantages for diverse use case scenar- 
ios as well as pure benchmarking for both. 


NodeJS 


Server Automation for NodeJS over SSH with 
Nodemiral 61 


by Ray Mahangoe 


Nodemiral is like Ansible, an automation tool based 
on Javascript/NodeJS. While Ansible has been 
around for a while, Nodemiral is still young (though 
Javascript has been in the loop for a while). Why do | 


use Nodemiral? Well, I've been using Ansible for a 
while and | like the way Ansible works, like access 
with ssh, playbooks and run script on a server, etc., 
and there is no need to install a client on every 
server. 


GhostBSD 
GhostBSD - Easy to Use, Yet Powerful 68 


by Kalin Staykov 


When | first heard about GhostBSD, | thought it may 
involve a shady distribution that is all about security. 
Okay, in fact, at first | thought about actual ghosts, 
but let's not dive into that. The name comes from 
"Gnome hack operating system technology BSD". 
This project is all about putting a nice desktop envi- 
ronment with all the security perks of having a BSD 
system under the hood. 


FreeNAS 


FreeNAS Getting Started Guide: Part 1, Planning 
and Installation 77 


by Mark VonFange 


This article is intended to serve as an introductory 
guide to assist FreeNAS users in planning, installa- 
tion, configuration and administration for their Fre- 
eNAS storage systems. Each category will include a 
high level discussion covering the basics of what is 
needed, with applicable screenshots. 


Interview 


Interview with Eric Turgeon, Founder and Leader 
of GhostBSD 88 


by Marta Ziemianowicz, Marta Strzelec & Marta Si- 
enicka 


Rob’s Column 90 


by Rob Somerville 


Barclays bank, as part of their Life Skills television 
and Internet campaign, are advising those entering 
the job market to use more professional email ad- 
dresses. In light of their involvement in the Libor scan- 
dal, where they attempted to manipulate the bench- 


mark inter-bank borrowing rate, can we 


take this advice seriously? 
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BSD Certification 


The BSD Certification Group Inc. 
(BSDCG) is a non-profit organization 
committed to creating and 
maintaining a global certification 
standard for system administration 
on BSD based operating systems. 


@ WHAT CERTIFICATIONS ARE AVAILABLE? 


BSDA: Entry-level certification suited for candidates 
with a general Unix background and at least six months of 
experience with BSD systems. 


BSDP: Advanced certification for senior system administrators 
with at least three years of experience on BSD systems. 
Successful BSDP candidates are able to demonstrate 

strong to expert skills in BSD Unix system administration. 


@ WHERE CANIGET CERTIFIED? 


We’re pleased to announce that after 7 months of 
negotiations and the work required to make the exam 
available in a computer based format, that the BSDA 
exam is now available at several hundred testing centers 
around the world. Paper based BSDA exams cost $75 USD. 
Computer based BSDA exams cost $150 USD. The price of 
the BSDP exams are yet to be determined. 


Payments are made through our registration website: 
https://register.bsdcertification.org//register/payment 


@& WHERE CAN | GET MORE INFORMATION? 


More information and links to our mailing lists, LinkedIn 
groups, and Facebook group are available at our website: 
http://www.bsdcertification.org 


Registration for upcoming exam events is available at our 
registration website: 
https://register.bsdcertification.org//register/get-a-bsdcg-id 


User George 
Hadjichristofi 
is starting a 
campaign to 


Se DinoBSD 


scant bring 
FreeBSD to 
the mobile 
device. 


Welcome to my campaign to complete the Di 
noBSD: An OS for smartphones. DinoBSD is 
a fresh, easy and secure OS based on 
freeBSD. 


The funds raised here will be used to build a 
DinoBSD OS 


| will need to do more development to finish 
the first beta version and testing on smart- 
phones. | would like to find a company to 
build the hardware to test DinoBSD which will 
probably be covered under intellectual prop 
erty law (patents/ trademarks / copyrights) If | 
don't reach the entire goal, | will continue the 
project, but slower. 


DinoBSD: 


https://www.freebsdnews.com/2016/05/27/htt 
pswww-indiegogo-comprojectsdinobsd-2/ 
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Pi Backend/Renderer 


Pe as ee Monovar is a sophisticated algorithm 

_ to detect single nucleotide variants 

- ' (SVNs) in cancer cells. Written in Py- 

thon, this program can help in provid- 
ing a more personalized treatment to 

cancer patients by pinpointing impor- 
tant variations in a single cancer cell. 


The current technology being used to 

detect DNA mutations in cancer cells 

analyzes millions of cells to arrive at 

some definite conclusions. To make 

this process more efficient, the re- 
searchers at The University of Texas MD Anderson Cancer Center have come up with a new 
method. 


Called Monovar Method, this computer program can spot DNA mutations taking place in a single 
cancer cell and pinpoint important variations. 


This new and sophisticated program can help our doctors take a more personalized approach to 
cancer treatment before going for methods like chemotherapy. 


The new Monovar method uses a technology called single cell sequencing (SCS). SCS also finds 
its applications in other fields of medicine, like microbiology, neurobiology, and immunology. 


Monovar is able to detect single nucleotide variants (SNVs), which is a very minute kind of DNA 
variation. SNVs play an important role in cancer treatment as they affect how a patient develops 
the disease and responds to the medication. 


By helping in detecting SNVs more accurately, more personalized treatments could act as a bet- 
ter choice. 


You can take a look at the Monovar program online and see how it works. Written in Python, 
here’s what the Bitbucket description of Monovar program says: 


Monovar is a single nucleotide variant (SNV) detection and genotyping algorithm for single-cell 
DNA sequencing data. It takes a list of bam files as input and outputs a vcf file containing the de- 
tected SNVs. 


http://fossbytes.com/monovar-python-program-cancer-detection-svn/ 
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GhostBSD 10.3 ALPHA 2 available 


jost BSD 


This second ALPHA development release is for test- 
ing and debugging new features in GhostBSD 10.3, MATE and XFCE is available on Source- 
Forge for the i386, amd64, and amd64-uefi architectures. 


The developers of GhostBSD have made available 
the second ALPHA for version 10.3. 


New feature. 

¢ UEFI is now supported for 64bit only. 

What has been fixed. 

¢ Gbi log and partition data base is now deleting when closing gbi. 

¢ Resetting partition data base when going back to the installation type. 
¢ 4K Partition Alignment. 

¢ Networkmgr full SSID name. 

¢ System Update duplicating the whole install under /boot/kernel.old. 
¢ Gbi “back” button error. 

¢ sudo configuration. 

¢ Wifi down by default. 

¢ /etc/localtime not created by installer. 

¢ Locales are not correctly set up on installation. 


*missing kern.vty=vt setting in grub.cf. 


Official announcement: /iip://ghostbsd.org/10.3-ALPHA2 


https:/www.freebsdnews.com/2016/05/27/ghostbsd-10-3-alpha-2-available/ 
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QNAP announced that they were adopting snaps as the applica- 
tion format of choice for their NAS going forward. Behind this de- 
cision are two factors, the ease of development of snaps and the 
universality of snaps, especially to create loT applications. 


NAS has been around for a while, and have been used across a 

wide array of use cases, from media servers in tech-savvy house- 

holds to remote file server by SMBs. QNAP has been a pioneer 
in this space, offering an appstore for their NAS with hundred of 
apps: local web servers (WordPress, Drupal), Media server 
(Kodi), Cloud backup ... 


By adopting snaps as the preferred application format for their NAS going forward, QNAP is look- 
ing to surf on the growing popularity of snaps across Ubuntu desktop and Ubuntu Core in loT. 
They’re keen to leverage universality of snaps, which can be deployed from Ubuntu desktops to 
Ubuntu Core loT Gateways. But also the simplicity of creating snaps, with snapcraft a tool that 
makes it simple to build secure, contained applications from source easily. 


https://insights. ubuntu.com/2016/05/3 1/snaps-on-nas-iot-apps-for-your-private-network/ 


Upstream Wayland developers have decided to drop the specialized Raspberry 
Pi back-end and renderer from the Weston compositor code-base. 


Back in 2012 was the premiere of this Raspberry Pi back-end for Weston that 
made use of the DispmanX API for initializing the display and other changes, 
compared to the more traditional DRM back-end for Weston. This Raspberry Pi 
code in Weston hasn't received much attention lately to Weston and has now 
been dropped. 


Pekka noted, "The rpi-backend is a good example of how using an API that is only available for 
specific hardware, even more so as it is only available with a proprietary driver stack, is not main- 
tainable in the long run. Most developers working on Weston either just cannot, or cannot bother 
to test things also on the RPI. Breakage creeps in without anyone noticing." 


http:/www.phoronix.com/scan.php ?7page=news_item&px=Weston-Nukes-RPi-Code 
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ot oasten a= *, It's been quite a while since the last 

rs bbs : _| Gentoo LiveDVD release, but a new im- 
= oe nd 2 age has surfaced this weekend as Gen- 
Sa ae gg aa crane aa Software , ‘| too 20160514 and codenamed the 


CE , PHORONIX = J, J | "Choice Edition" release. 


This first Gentoo release of 2016 is 
powered by the Linux 4.5 kernel and 
features X.Org Server 1.18.3, KDE 
mer | Plasma 5.6.2, Firefox 45.0, LibreOffice 

Web Browser 1.8.3 [ame | 5.1, GIMP 2.9.2, and many other pack- 
: SOE Webs Gromer Developers aging updates. 


Copyright @ 2002-200 
ight @ 2003-2005 The Gr 


Aside from updated packages, this Gen- 
too "Choice Edition" LiveDVD features 


intel EIST SpeedStep feb Nexuiz v1.5 
DFI Infinity NF4 Ultra lafeb Opera v9.00 Tech Preview 2 


Ia) @ [Phoronix] GNU/Linux Hardware Reviews, Articles, & Gaming ia) ZFS On Lin uX SU p port, U E Fl SU pport, 


and writable file-systems using AuFS. 
This is the first official Gentoo LiveDVD release since 2014. 


For those wanting to remember what Gentoo looked like ten years ago... or in 2008 and 2009. 


https://www.phoronix.com/scan.php ?page=news_item&px=Gentoo-May-2016-Release 


The Dropbox engineers working on their Pyston project as a high-performance JIT implementa- 
tion today announced version 0.5 of the software. 


Pyston 0.5 now makes use of reference counting rather than tracing garbage collectors, support 
for running NumPy unmodified, signal handling support, frame introspection, and many other 
changes. 


All of the details on Pyston 0.5 -- including their motives for abandoning the tracing GC and mov- 
ing to refcounting -- is described via this blog post announcement on the Pyston project site. 


http://www.phoronix.com/scan.php ?page=news_item&px=Pyston-0.5-Python 


BSD 


(oe) 
MAGAZINE 


The developers of pfSense have made 
available version 2.3.1 release. Down- 
load the update or install file. 


© Sense 


This is a maintenance release in the 2.3.x series, bringing a number of bug fixes, two security 
fixes in the GUI, as well as security fixes for OpenSSL, OpenVPN and FreeBSD atkbd and 
sendmsg. The full list of changes is on the 2.3.1 New Features and Changes page. 


We are happy to announce the release 
of pfSense® software version 2.3.1! 


This release includes a total of 103 bug fixes. 79 regressions in 2.3 have been fixed, mostly mi- 
nor issues in the new GUI. Several of these are significant issues, and have resolved nearly all 
the post-upgrade problems encountered in 2.3-RELEASE. 24 issues affecting 2.2.x and prior ver- 
sions have also been fixed. 


If you haven't yet caught up on the changes in 2.3.x, check out the Features and Highlights 
video. Past blog posts have covered some of the changes, such as the performance improve- 
ments from tryforward, and the webGUI update. 


Official announcement: 


https://www.freebsdnews.com/2016/05/20/pfsense-2-3-1-release-now-available/ 


Version 1.11 of the open-source, high-performance Nginx web-server is now available. 


Nginx 1.11 presents a new transparent parameter for several options, support for loading multiple 
certificates of different types, various other security-related changes, a $proxy_protocol_port vari- 
able, some HTTP/2 changes, and more. 


The complete list of nginx 1.11 changes can be found via this file. Download the open-source 
Nginx 1.11 via Nginx.org. 


http:/www.phoronix.com/scan.php ?page=news_item&px=Nginx-1.11-Released 
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Drinking the software-defined big data kool aid through one pane of glass 


Citrix has unified its networking products and made big additions to its virtualisation stack. 


Last things first: XenServer is now in version 7, which means it gains support for Intel's Iris Pro 
graphics technology. In theory, that makes XenServer a better platform for graphics-intensive 
desktop virtualisation (VDI) chores. Citrix thinks there's lots of you who would love the chance to 
banish workstation fleets and replace them with VDI, or just make sure VDI can keep up with the 
requirements of video-guzzling users. 


Citrix and Microsoft have been close for ages and get closer with this release, which adds sup- 
port for Server Message Block (SMB) for virtual machine storage. The upshot of this is Citrix us- 
ers in big Windows shops can now point XenServer at shared storage managed by Windows 
Server, which should help users to make the most of storage assets. 


Citrix is taking advantage of the combination of System Center Configuration Manager and Win- 
dows Server Update Services, as together they make it possible to update XenServer with Win- 
dows Update. 


Everything's bigger this time around: host RAM goes up from 1TB to 5TB and 288 CPU cores are 
now permitted, double the previous count. VRAM now reaches 1.5TB, an eightfold increase. 


There's also a new agentless API allowing inspection of guest VMs' memory, the better to make 
sure they're not running something nasty. 


Cloud-native types may appreciate support for managing Docker from within Xen Server. 


Nothing radical, therefore, but some nice bits for those running all sorts of workloads on Xen 
Server. Citrix's virtualisation strategy sees it prioritise its own products — XenDesktop and Xe- 
nApp — in the hope of selling a stack. This release won't hurt that strategy and may give comfort 
to those hoping to continue using XenServer for other stuff, plus the beginning of a direction on 
containers. 


Citrix's other strong suit is networking and the company's decided it's time to bring all its offerings 
into a single management console. The new “NetScaler Management and Analytics System” 
therefore gives users one tool with which to manage the company's CloudBridge software- 
defined WAN, NetScaler application delivery controller and VPN products. 


CloudBridge was previously a discrete product but is now re-christened NetScaler SDWAN. The 
whole suite is now backed by better analytics and automation, plus templates that let 


. BSD 


you quickly cook a secure software-defined network and network optimisation environment for dif- 
ferent applications. 


The mantra, as is the case across the industry, is that in these cloudy times we all need to be 
able to create networks that span our own bit barns and public clouds. 


Citrix grew in its most recently-reported quarter, a result felt to represent a slightly-unexpected 
turnaround after years of confused strategy and red ink. The announcements above, the cute 
adoption of the Raspberry Pi as a thin client and a new workspace-as-service push surely mean 
the company has moved off the “not dead yet” pile and closer to many shopping lists. ® 


http://www.theregister.co.uk/2016/05/25/citrix_dodges_death_returns_with_bigger_xenserver_an 
d_netscaler/ 


A new tree sprouts on android.googlesource.com 


Evidence for the development can be found here in the recently-created android/device/ 
pifoundation/rpi3 directory at android.googlesource.com. 


It's an empty tree and has been since its creation on April 19th, 2016 by someone called Thomas 
Joseph Avila who has a google.com email address. 


Google's open source Android project already has code for Intel's Edison, Arduino-powered ac- 
cessories and even TI's Panda single-board computers. Taking a slice of Pi is therefore not an 
outlandish move. 


There's no sign that work is in progress or of a timeline having been set for Android-on-Pi's com- 
pletion. 


If and when it's done, it will be an intriguing offer. Android, of course, has a colossal collection of 
apps and is rather more familiar to many people than Raspbian and perhaps more approachable 
than even the NOOBS OS installer. 


The Register suspects Google and the Raspberry Pi foundation would not would not mind if An- 
droid on Pi gives more people a reason to acquire the machine. Or is Google instead trying to 
make Android a more viable target for the customised industrial Pis the Foundation is pitching as 
an Internet of Things thing? ® 


http:/www.theregister.co.uk/2016/05/26/android_might_be_on_the_way_to_the_raspberry_pi/ 
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Microsoft has created 
its own cut of FreeBSD 
10.3 in order to make 
the OS available and 
supported in Azure. 


Jason Anderson, princi- 
pal PM manager at Mi- 
crosoft's Open Source 
Technology Center 
says Redmond “took 
on the work of building, 
testing, releasing and 
maintaining the image” 
so it could “ensure our customers have an enterprise SLA for their FreeBSD VMs running in Az- 


ure . 


Microsoft did so “to remove that burden” from the FreeBSD Foundation, which relies on commu- 
nity contributions. 


Redmond is not keeping its work on FreeBSD to itself: Anderson says “the majority of the invest- 
ments we make at the kernel level to enable network and storage performance were up-streamed 
into the FreeBSD 10.3 release, so anyone who downloads a FreeBSD 10.3 image from the 
FreeBSD Foundation will get those investments from Microsoft built in to the OS.” 


Code will flow both ways: Anderson says “... our intent is to stay current and make available the 
latest releases shortly after they are released by the FreeBSD Release Engineering team. We 
are continuing to make investments to further tune performance on storage, as well as adding 
new Hyper-V features — stay tuned for more information on this!” 


Microsoft says it will support its distribution when run in Azure. 


Redmond's rationale for the release is that plenty of software vendors use FreeBSD as the OS 
for software appliances. That reasoning was behind Microsoft's 2012 decision to ensure 
FreeBSD could run as a guest OS under Hyper-V. In your own bit barns, your guest OSes are 
your own problem. Microsoft clearly decided it needed something more predictable for Azure, al- 
though it has in the past allowed custom FreeBSDs to run as cloudy VMs. 
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Of course Microsoft has also allowed Linux on Azure VMs for years, so news of the FreeBSD ef- 
fort feels like an effort to ensure the platforms cloud users want are available rather than a star- 
tling embrace of open source to rank with Azure's don't-call-it-a-Linux-for-switches or the an- 
nouncement of SQL Server for Linux. 


But it's still just a little surprising to see Microsoft wade into development of FreeBSD: this is not 
your father's Microsoft. 


One last thing: when Microsoft announced it would ensure FreeBSD runs on Hyper-V, NetApp 
was one of its collaborators. NetApp knows FreeBSD inside out, because Data ONTAP is built on 
it. But NetApp is absent from the vendors listed in Microsoft's announcement of its FreeBSD ef- 
forts. Which might put the kybosh on our imagined cloud-spanning software-defined NetApp rigs. 
® 


http:/www.theregister.co. uk/2016/06/09/microsoft_freebsd/ 
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FreeBSD Based Dual-Controller 
Storage System Concept 
by Mikhail E. Zakharov 


Nowadays, most of the modern and powerful block-level 
storage systems around the world are built to work in expen- 
sive Fibre Channel or cheaper iSCSI SAN environments. In- 
dependent of their class, capacity and performance, they 
are created on well-known principles, technologies and ar- 
chitectures. Furthermore, some of these systems are using 
common servers for their controller hardware with Linux or 
even AIX as storage operating systems on-board. 


So theoretically nothing can stop us from developing our own reliable block-level storage system 
based on FreeBSD, especially keeping in mind existence of successful FreeNAS, iXsystems and 
NetApp projects. Now let's see what FreeBSD-10.2 could bring us just out of the box, so we do 
not have to write any additional kernel modules to achieve the goal. 


Although our simple model is intended to work on my laptop within the Oralce VirtualBox environ- 
ment, which is used to run virtual machines for storage controllers along with a client host, we will 
try to follow the basic principles of reliability, availability, and serviceability (RAS) firstly introduced 
by IBM. And may the Beastie be with us! 


For our experiments, we will need two nearly identical virtual machines (ctrl-a and ctrl-b) for stor- 
age controllers and one machine (clnt-1) for a client host. For obvious reasons, we can't test Fi- 
bre Channel HBAs on the laptop so we will use iSCSI for our block-level access to the FreeBSD 
storage system model. 


As we don't use Fibre Channel in our environment, the controllers will have 2 LAN connections: 
one (private) for inter-controller and another (public) for host-controller communications. 
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Private LAN IP-address: 192.168.56.10 


Private network IP-address: 192.168.56.11 


Public LAN IP-address: 192.168.55.10 Public LAN IP-address: 192.168.55.11 


We also need to prepare and configure “shared drives” on both of controllers. This special feature 
allows us to share physical drives between virtual machines so do not confuse it with “shared fold- 
ers”, which is a completely different technology. In our case, these “shared drives” will simulate a 
dummy enclosure with four drives (dO, d1, d2, d3) for our storage system model. 


It's better to use a dedicated controller for these shared drives to separate them from the system 


drive. In the virtual environment it's not very important which one to choose, but it will definitely 
work with SATA controller emulation. Therefore: 


¢ Using VirtualBox Manager, create a new SATA controller with 4 fixed-sized VDI drives: dO, d1, 
d2, d3 on ctrl-a machine; 


¢ Then go to VirtualBox Virtual Media Manager and set “shareable” flag for each drive; 


Finally, attach drives to the new SATA controller on ctrl-b virtual machine. 
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Install FreeBSD on ctrl-a and ctrl-b virtual machines using default parameters and adaO as the 


drive with root file-system. Then configure general parameters in /etc/rc.conf: 


ctrl-a 


hostname="ctrl-a" 


ifecontig.em0="i1neEt 1922168.56; 10 
netmask 255.255.255.0" # Inter- 
controller private network 


trcontig eml="inet: 192.1608 .55 e810 
netmask. 255.255.255.0" + Public 


network 
# VirtualBox guest additions 
vboxguest enable="YES 


VDOxService enable="YES” 


# iSCSI 
ctld enable="YES" # target 


iscsid enable="YES" # initiator 


Now it's important to set iSCSI “disconnection on fail” kernel variable in /etc/sysctl.conf on both 


ctrl-b 


hostname="ctrl-b" 


LiConrig -em0="i1ner 102.166.5041) 
netmask 255.255.255.0" # Inter- 
controller private network 


1fContig eml="1net 192.166.5511 
netmask 255.255.255.0" # Public 


network 
# VirtualBox guest additions 
vboxguest enable="YES 


vboxservice enable="YES" 


# iSCSI 
ctld enable="YES" # target 


iscsid enable="YES" # initiator 


systems to enable failover to the next controller in case of disaster: 


After reboot, according to the dmesg output, our shared drives are accessible as ada1, ada2, 


ada3, ada4 on both machines: 
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<VBOX HARDDISK 1.0> ATA-6 device 

perial i Numbers Veo edQes es lacor 

33.300MB/s tEransters )(UDMAZ, PIO 6553 6bytes) 

204 30MB3(41943040-512 byte sectors: 16H) 63S/7T 16333C) 
Previously was known as ad0Q 
aueaner Chom bus we sebus7 fiargete( @ ignis.) 

<VBOX HARDDISK 1.0> ATA-6 SATA 2.x device 

Serial Number VBa2a70c86-5e4db960 

300.000MB/s transfers (SATA 2.x, UDMA6, PIO 8192bytes) 
Command Queueing enabled 


ROOME (2046004512 bytetsectors: thGhie3S/ le203C) 


Previously was known as ad4 
AteanerehiL buss Ors chussebargem, Ulune 0 
<VBOX HARDDISK 1.0> ATA-6 SATA 2.x device 
Serial Number VB6éale2b6c-fcblfd23 
300.000MB/s transfers (SATA 2.x, UDMA6, PIO 8192bytes) 
Command Queueing enabled 
TPOOMB (AOA S0UR SI? byte sectors lon 6354/2 203C) 
Previously was known as ad6 
at aneteh2s bus Ussebus4ytarcge: Oslin 0 
<VBOX HARDDISK 1.0> ATA-6 SATA 2.x device 


Serial Number VBad8731lfa-8e8050c8 


300.000MB/s transfers (SATA 2.x, UDMA6, PIO 8192bytes) 
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Now we can create RAIDs on our shared drives. Actually, we may choose any available type 
(even RAID 0) but as we have four shared drives, let's use GEOM Mirror provider (gmirror) to cre- 
ate two reliable RAID-1 mirrors: one for ctrl-a and another for ctrl-b. 


ctrl-a ctrl-b 

root@ctrl-a:/ # gmirror load root@ctrl-b:/ # gmirror load 
root@ctrl-a:/ # gmirror label -v root@ctrl-b:/ # gmirror label -v 
ctrl_a_gm0 /dev/adal /dev/ada2 ctrl b gmO /dev/ada3 /dev/ada4 


Note that ada0 is our system drive, so we shouldn't put it under shared RAID configuration. 


Then change /boot/loader.conf on both controllers to start gmirror on boot: 


ctrl-a ctrl-b 


geom. mirror load="YEo" geom mirror load="YES" 
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After reboot we can check if gmirror devices are created: 


The same can be seen on ctrl-b, so | will always skip listings from the other controller to reduce 


the article size. 


Now we can partition the mirrored space. Actually these partitions would be LUNs for our further 


testing purposes. 


Create GPT partition scheme on each mirror: 


ctrl-a 


root@ctrl-a:/ # gpart create -s 
GPT /dev/mirror/ctrl_a_gm0 


ctrl-b 


root@ctrl-b:/ # gpart create -s 
GPT /dev/mirror/ctrl b gm0 


To simplify the example we will add only one partition to each mirror: 


ctrl-a 


root@ctrl-a:/ # gpart add -t 
freebsd-ufs -a lm /dev/mirror/ 
ctrl a. om 


Finally we can check the result: 
20 


ctrl-b 


root@ctrl-b:/ # gpart add -t 
freebsd-ufs -a lm /dev/mirror/ 
ctrl b gm0 
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operator ee 0xol Mar > 73:24 et rile gml 


elelonachena WOb dover ices dbow ike 7: \rercialeslonei (Chet) 


It's extremely harmful to write data simultaneously from both controllers to the same shared drive. 
As we don't have any arbitrator yet, we must avoid accessing ctrl_b gm0O mirror from ctrl-a con- 
troller and vice versa: ctrl_a_gm0 mirror from ctrl-b controller. Also we must somehow implement 
controller redundancy. To achieve both of the goals let's invent this mechanism. 


First we have to make links from one controller to another to reach the opposite mirror. We can 
try to do it with ggate (GEOM gate provider) or by utilizing iSCSI. | chose iSCSI for our testing be- 
cause it looks more flexible and therefore suitable for our purposes. 


At this point we will have two paths on each controller to the opposite controller mirror: one path 
is local, as we can access physical drives directly, another is provided by iSCSI connection. 
Therefore, our second step would be to create gmultipath (GEOM Multipath) device for both of 
the links. 


This construction will help us to redirect I/O from a failed controller to an active one. Nothing 
seems impossible for now, so let's create this arbitrator construction for our LUN partitions. 


We don't need to enable iSCSI -target and -initiator explicitly, as we already put appropriate vari- 
ables to /etc/rc.conf of both controllers. Therefore, we will just create iSCSl-target configuration 
files /etc/ctl.conf: 


portal-group pgO { 


portal-group pgO { 


discovery-auth-group no- discovery-auth-group no- 
authentication authentication 


listen 192.168.56.10 listen 192.168.56.11 
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letc/ctl.conf on ctrl-a 


target ign. 


2016-Ol.local.sss.private:target0O 
{ 


auth-group no- 
authentication 


portal-group pg0O 


hur G4 


path /dev/mirror/ 
ctrl <a. om0pl 


size 102760448 


letc/ctl.conf on ctrl-b 


target ign. 


2016-Ol.local.sss.private:target0O 
{ 


auth-group no- 
authentication 


portal-gqroup pgd 


lun O f{ 


path /dev/mirror/ 
Ccrl b -Gm0pl 


size 102760448 


As you can see, we will use Portal group pgO for our private inter-controller communication. The 
size of the LUN 0 is 102760448 bytes. This value is taken from the output of: 
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entries: 128 


scheme: GPT 
Providers: 


Mediasize: 102760448 (98M) 

Sectorsize: 512 

Stripesize: 0 

SErIpeotiser 0465/6 

Mode: rOwQ0e0 

rawuuid: 5677c154-e917-11e5-944d-080027868477 
rawtype: 516e/cb6-6ecf-1l1ld6-8ff8-00022d09712b 
label: 1 

length: 102760448 

offset: 1048576 

type: freebsd-ufs 

index: 1 

end) 202 75,1 


Stare: 2uac 


Consumers: 


Name: mirror/ctrl a _gm0 


Mediasize: 104857088 (100M) 
Sectorsize: 512 


Mode: rOw0e0 


Check Mediasize value of mirror/ctrl_a_gmO0Op1 provider. The Mediasize of mirror/ctrl_b gm0O 
must match the result. 


Now we can start iSCSI -target (ctld) on both controllers and try to reach drives: 


ctrl-a ctrl-b 
root@ctri-a:/ # /etc/re.d/ctld oot@ctrl-b:/ # /etc/rce.d/ctld 
Start start 


Staring cL ld: Sltartang ctld., 


COCLeCrrI=bi/ F Tecsicel =A. =p roOoteCrrl—-bi7 F iscsictl -—A =—p 


LoZ2oo goo, =. 2on, 1972169. 56.00. = aos 
2016-Ol1l.local.sss.private:target0O 


2016-Ol.local.sss.private:target0O 


After it, the dmesg command will show us that a new daO drive has appeared on each controller: 
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Now let's save this connection's definitions in the /etc/iscsi.conf file to refer to it later: 


private { 


TargetAddress 
TO2Z¢ 66 .<o0 ei) 


TargetName = iqn. 


2016-01.local.sss.private:target0O 


} 


private { 


TargetAddress = 
L926 L684 96 «10 


TargetName = ign. 


2016-01.local.sss.private:target0O 


} 


Now that the first part of the arbitrator construction is done, let's provide it with a failover ability: 


root@ctrl-a:/ # gmultipath create 
CTRL B BACK /dev/da0 /dev/mirror/ 
etrl b gmp! 


root@ctrl-b:/ # gmultipath create 
CTRL A BACK /dev/da0 /dev/mirror/ 


ctrl a om0pl 


Now pay attention that we use “manual” method for multipathing device creation. In this case, 
multipathing configuration is not stored in the metadata area of the device. And although this infor- 
mation will certainly be lost on reboot, we gain some profit on iSCSI configuration for the client- 


host. 
Check the result: 
root@ctrl-a:/ # dmesg | tail -4 


GEOM. MULTIPATH: CTRL. B BACK 
created 


GEOM MULTIPATH: da0Q added to 
CTRL _B BACK 


GEOM MULTIPATH: daQ is now active 
path in CTRL _B BACK 


GEOM MULTIPATH: mirror/ 
ctrl Db om0pl added to CTRL. B BACK 
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root@ctrl-b:/ # dmesg | tail -4 


GEOM MULTIPATH: CTRL A BACK 
created 


GEOM MULTIPATH: da0Q added to 
CTRL A BACK 


GEOM MULTIPATH: daQ 1s now active 
path in CTRL A BACK 


GEOM MULTIPATH: mirror/ 
curl a omUpl added To: CTRL A BACK 


BSD 


MAGAZINE 


FreeBSD CORNER 


We have created multipathing with active-passive policy, and active path is /dev/da0 now, 
which means the opposite controller. So the data will always be routed through the opposite con- 
troller until it fails. This simple mechanism should prevent data corruption we mentioned above. 


Now we are ready to provide storage to the client host clnt-1. Therefore we have to update iSCSI 
target configuration file /etc/ctld.conf on controllers with “public” definitions: 


portal-group pgO { portal-group pgO { 
discovery-auth-group no- discovery-auth-group no- 
authentication authentication 
inecen. 197. bbe .06« 10 Lusten £92,168. 56.L1 
} } 
pOrtal=-Group pal: + portal=group pol { 
discovery-auth-group no- discovery-auth-group no- 
authentication authentication 
listen. 197.160.5050. 10 listen 192.166 .05.11 
} } 
# Private - inter-node LUN # Private - inter-node LUN 
CaArgel, 1qn. target ign. 
2016-01.local.sss.private:target0 2016-01.local.sss.private:target0 
1 { 
auth-group no- auth-group no- 
authentication authentication 
portal-—group og0 portal-group pg0O 
2 BSD 
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lun O { 


peth /dev/ mirror, 
ctrl _a_gm0pl 


size 102760448 


} 
# Public - client access LUNs 


target ign. 
Z0DL6=01,. local .SeS.publicttargero { 


auth=gqroup no- 
authentication 


portal-group pgl 


# Direct path to the local 


LUN 
lun O° 4 


path /dev/mirror/ 
ctrl _a_gm0pl 


size 102760448 


} 


# LUN owned by the 
opposite controller 


lun 1 { 


path /dev/ 


ra 


lim 0 4 


path /dev/mirror/ 
ctrl Do om0pl 


size 102760448 


} 
# Public - client access LUNs 


target ign. 
2016-01.local.sss.public:target0O { 


aunLh=Groip: m0= 
authentication 


portal-cqroup pg 


# Direct path to the local 


LUN 
lun 0 4 


path /dev/mirror/ 
ctrl b gm0pl 


size 102760448 


} 


# LUN owned by the 
opposite controller 


Iai -1: -f 


path /dev/ 
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ctrl-a ctrl-b 
multipath/CTRL_B_ BACK multipath/CTRL_A_BACK 
size 102760448 size 102760448 
} } 
} } 


We add Port group pg1 for public host connection. Also, we export two LUNs from each controller 
to the client host. Ergo on each controller LUN 0 is provided through so called owner controller, 


and LUN 1 is the partition from the opposite controller provided through the arbitrator construc- 
tion. 


Now ctld daemon should be forced to re-read its configuration file. On both controllers run: 


Controllers of the storage system are ready now to serve iSCSI requests, therefore, we can leave 
them for a while and configure the client host. We need to add following lines to the 
/etc/rc.conf file to setup its hostname, network parameters and iSCSI initiator: 
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Then set required iSCSI kernel variable via /etc/sysctl.conf: 


Keun toGsd tab roOn cleconmeecreLon— | 


After the reboot, we can start our storage related tasks on the client side. Let's access iSCSI tar- 
gets on both controllers. 


For ctrl-aand ctrl-b run: 
iaevoue (ie Iiabeiitye Tie Sine esselcteds oN, vaio aloe ence ope alll (0) Sete 
Tei alo Ui bocalisss public tanrcgen)]) 


isojene Cel igot bey is» al clereuiet oh sae een LOZ, s iecwAlorayd Labs aie 
Lhe 20be= Oikeocalisoocs jp lle Scearger’) 


Then check the result: 


iseloe Celllingecaib ye. ci aueror eyed sali 
Taeger ame Target portal SiGe tele! 


ile ugha O Mer AUN es iRe vets wllaesionsit oj ileulbalkel ars ware ronesdly SW ier ou eoies 71h) Connected: 
dal 


ae patara OMe OMe iNorer ale wercvety oii Rakekusrcnelepese dh JCM ARN Morcamars yall A Connected: 
da3 


Also, it's useful to see the dmesg output: 


at iscsi 4 bus) OrscbusZ target o0e lun 70 

<FREEBSD CTLDISK O001> Fixed Direct Access SPC-4 SCSI device 
Serial Number MYSERIAL 

150.000MB/s transfers 

Command Queueing enabled 


150 -0G@0MB/s Eransters 


Everything looks fine. 


Keep in mind that dai drive on ctrl-a is our arbitrator mechanism, which points now to the parti- 
tion p1 on the RAID-1 ctrl_b gm0O mirror, which actually resides on ctrl-b. Similarly, da3 provided 
by ctrl-b is the arbitrator construction pointing now to the partition p1 on the RAID-1 ctrl_a_gm0O 


mirror, which resides on ctrl-a. BS D 
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These paths are routed through opposite, non-owner controllers. We also have short, direct paths 
provided by owner controllers: daOQ is ctrl _a_gm0p1 provided by ctrli-a and da2 is 
ctrl _b gm0p1 accessible through ctrl-b. 


The Figure 1 shows our storage system architecture layout we just created. 


CTRL_B_ BACK 
multipath arbitrator 


ISCSI Private Physical 


Figure 1. Dual-controller storage architecture overview. 


As we have 2 paths for each LUN on our cint-1 host, we can enable multipathing: 


root@clint-1:/ # gmultipath create CTRL A /dev/da0 /dev/da3 


root@clnt-1:/ # gmultipath create CTRL B /dev/da2 /dev/dal 
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We can check the result with the gmultipath list command or by reading dmesg output: 


This storage architecture with our simple arbitrator and absence of cache is asymmetric by na- 
ture so it has to run in active-passive mode where daO and da2 are active paths now. Sure we 
can enable active-active or active-read modes to use all four paths and everything will work with- 
out errors. But it will cause potential overheads as the data for every LUN will also be routed 
through the LAN to non-owner controllers. 


Now we can do whatever is needed to use drives on our client. For example, let's label them and 
create filesystems on the multipathed devices: 
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Finally, create mount points and mount filesystems: 


We are ready now to make various tests and try to break the whole construction to check our ar- 
chitecture. For example, forcibly power-off one of the controllers during a file copy process: 


In the next figures, we will see performance statistics from each controller and a client. The val- 
ues are extremely poor as VirtualBox shared drives were intentionally put on slow USB memory 
sticks in order to see the whole process in detail. 


Figure 2 shows ctrl-a controller and we can see that ada1 and ada2 drives have workload. This is 
Our ctrl _a_gm0 RAID-1 mirror. Note we don't see any workload on ada3/ada4 as these 
drives are parts of ctrl_b gm0 mirror and therefore are governed by ctrl-b. 
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The working cbb1 device looks like iSCSI target for public LAN clnt-1 connection, and daO, 
which has zero values of workload, is the link to the LUN on the opposite controller. 


We can state that the traffic goes normally through the owner controller, and our arbitrator works 
well. 


File Edit View Search Terminal Tabs Help 


ctrl-a 


extended device statistics 
kr/s kw/s glen svc_t %b 
0. C) 0.0 Cc) 
4732.9 119 
1846.2 64 
0. C) 


~ 


Oo ooooooqooooooqoqocoocaon 


device 
adaO 
adai 
ada2 
ada3 
ada4 
da 
cdo 
pass0 
passi 
pass2 
pass3 
pass4 
pass5S 
pass6 
cbbO 
cbb1 
cbb2 


Ooooqooqooqoqoqodd © © 


NO 
oF 29299299990 
Me 
B 
NO 
rary 


Ooooqoooqoooqoooqoooqooo0ocoocdn 
ies) 


Oooooqooqooqoqooqooqooooqooqoood 
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3 
2 
i) 
0 
0 
0 
i) 
i) 
iC) 
0 
i) 
i) 
0 
0 
3 
i) 
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oS . 


Figure 2. Normal work of the ctrl-a controller 


Figure 3 shows the similar picture on ctrl-b, the only exception is that ada3 and ada4 are parts of 
ctrl _b gm0 mirror. As we can see, the controller ctrl-b works normally and the traffic is directed 
through the shortest path to the ctrl _b gm0 mirror. 
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extended device statistics 
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0. 0.0 Q 
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0.0 C) 
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0. C) 
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Figure 3. Normal work of the ctrl-b controller 


Figure 4 reflects the situation on the clnt-1 client. We can see da0 and daz2 are utilized. These de- 
vices are primary, active and the shortest paths to the backend RAID-1 mirror drives. Paths dat 
and da3 are not loaded according to the active-passive mode of CTRL _A and CTRL B multi- 
pathing devices. 
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Figure 4. Normal work of the cint-1. 


Now let's fail one of the controllers and check if the system survives it. We can forcible power-off 
or reset ctrl-a, for example. 


Figure 5 shows the reaction of the client. We can see some mess in the performance statistics re- 
sulted from failed paths. 
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File Edit View Search Terminal Tabs Help 


passS 0.0 0.0 0.0 0.06 0.0 
extended device statistics 
device r/s w/s kr/s kw/s qlen svc_t %b 
0.0 1.0 0.0 18.5 0 0.7 C) 
3679424327052868925.8 3.8 3593187819387514.7 5 
0 0.0 169 
3679424327052868932.8 0.0 3593187819387532.2 
7 -0.0 0 
3679424327052868927.2 3679424327052868836.5 359318 


7819387496.5 3593187819375071.4 0 -0.0 @ 

pass 3679424327052868937.2 0.0 3593187819387541.1 
0.0 0 -0.0 @ 

passi 3679424327052868945.8 0.0 0.0 0.0 
-0.0 06 


pass4 0.0 ; 0.0 0.0 0 0.0 ) 
passS 0.0 ; 0.06 0.06 0 0.06 Cc) 
extended device statistics 
device kr/s kw/s qlen svc_t %b 
ada@ : 0. 0.0 14.4 C) 0.7 ) 
da2 : 1. 0.0 135.1 3 1443.7 71 


Figure 5. The cint-1 host immediately after the ctrl-a failure. 
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Soon the situation stabilizes. Caused by the multipath policy, workload successfully moved from 
failed daO to da3 device. This can be seen in Figure 6: 


File Edit View Search Terminal Tabs Help q 
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extended device statistics 
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0.3 Cc) 
2774.6 89 
3423.7 101 
C) 


~ 


Ooooooqooeaqocn 
2 
~ 
w 


Ooooqooqoo oo 
Oooo onr © 
Ooo oo © ® © 
Oooo o an © 


Figure 6. The clnt-1 operates now with the ctrl-b only. 


Let's see what is going on the ctrl-b. Figure 7 shows us that ctrl-b now takes the full workload for 
both LUNs (cbb1/cbb2). Both mirrors ctrl _a_gm0 (adal/ada2) andctrl_b gm0 (ada3/ 
ada4) are also utilized. 
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Figure 7. The ctrl-b workload after the ctrl-a failure. 


After files have been copied, we can check if the data were written correctly: 
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MD5 sums are equal on both remote LUNs and on the local filesystem, so everything looks fine. 
Our simple storage has successfully survived one controller failure and we can say that our mis- 
sion is completed at this stage. 


Instead of creating filesystem and mounting separate partitions on /storage/dO and /storage/d1 in 
the example above, we could do an even more real life storage-like thing: make a stripe of two 
partitions on the client host: 
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Then copy files: 


Finally, power-off one of the controllers and check the result. It will be the same as in the previous 
experiment: 


In other words, our high-available model is working well. 


But to bring the controller back into business we need to do a lot of manual work to reconstruct it 
after the failure: carefully re-enable iSCSI connections between controllers, restore lost multipath 
devices and set active paths, finally resume iSCSI and multipath connections to the client host. 


During my experiments, | had to reboot controllers hundreds of times. It was really tedious to do 
everything manually so | wrote a simple shell-script to restore the original storage configuration 
after a clean boot of both controllers, though in case of a failure | still have do everything manu- 
ally. 


This script uses my lightweight expect-like tool called “empty,” to automate interactive login and 
su operations. If you decide to use this script, don't forget to install “empty” from ports or pack- 
ages. But beware of the script insecurity as it contains plain text passwords right in the body. 
Don't do such things in production environments, use SSH with keys instead. 
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FreeBSD CORNER 


The script must be run from the client host by root: 


sl Nejalaghs lal 


bogin=storadmin 
fo wig ll ret ale Wan sel clepe relia We 


Siglo lec W apes meres g tall 


passwd=TopSecret 


EGOU passwd Very lop leere: 


# On controller A 

ClipEyea tess ohogintgecen laa 
empty -t 5 assword "Spasswd\n" 
empty yew yan 


empty SEOs ce cwoudlm srOCtpcsewoan tl 4 


Me pibllbie morchelen vena eicner) (CUsILy Nes BNGC J feleny itulieieoncey eee lk len yenm@ieyl ia! 


LO dey Gao reV deiedie) Meis(=\siechaea ey 
UPS eae een 
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sleep 5 
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=—E Syassword.'Spasswd \n" 
esopi aa aly 


soso roseWorTdr SrOct pecswa a! 


UomuU leith werecte 1 TRI A BACK e, dew mirror cer eomgmirl nm) 
etc Led) Cold ones tant. mn” 


Walgslecsive) 6 ih, 7S sein i onaskigouee. ual! 


Vom Kea paths add (CUR Ay BACKS dey/da0 in” 
Tomi edpatiiehObare (© Unie An BAG i" 
"exit\n" 


UPSpace 


sleep 5 

# On controller A 

empty Sol elogindgscrr lea 
empty -t 5 assword "Spasswd\n" 
empty ee ual 


empty =t9 5 password), Sroot, passwd im” 


ViSCebe wll —h myo eLvate a 


Vem papa ie add *C UR We Be BACK dey da0) 1” 
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Real storage systems have serious clustering software for the management and synchronization 
of controllers, but in our case it will be in the future. 


Actually, we have a lot of directions for the development from this point. We didn't experiment 
with ZFS yet, didn't implement mirrored data cache (which is the main part of any modern storage 
system), and we didn't even test our architecture on physical hardware and Fibre Channel host 


bus adapters. 
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Our system reliably works, but honestly, this is only a proof of concept which must be seriously 
tested before being used outside the laboratory. 


About the Author: 


My name is Mikhail E. Zakharov and | 
am a proud SAN/storage IBMer. 10 years 
of experience in large SAN and storage 
environments: mainly Hitachi, HP and 
Brocade. Empty — expect-like tool author. 
FreeBSD enthusiast. 


BSD 


MAGAZINE 


45 


Benchmarks Mac OS X vs FreeBSD 


by Natalia Portillo 


Imagine you’ve got an old Macintosh sitting around and you 
think you may be able to use it for other purposes. You have 
some expertise with FreeBSD and feel quite confident using 
it. In this article, Ill try to explore what’s better, to install 
Mac OS X until Apple stops supporting your exact model, or 
move on to FreeBSD. For this purpose, I’ll explore several 
advantages and disadvantages for diverse use case scenar- 
ios as well as pure benchmarking for both. 


The hardware used for benchmarks was an Apple MacBook Pro Mid 2009 with a Core 2 Duo @ 
2.66Ghz, and a Samsung 840Pro 256Gb SSD and 8Gb of DDR3-1066 RAM. 


Advantages of Mac OS X: 
¢ All hardware is supported out of the box, no need for wireless firmware configuration. 


¢« For some usage cases scenarios that require closed-source or commercial software, that soft- 
ware is not available for FreeBSD. 


¢ Supports, if you need it, the proprietary Apple ecosystem: iCloud, iTunes, AirPlay, etc. 


¢ If you have a SOHO with a lot of Macintosh computers, or a lot of iOS devices, Mac OS X 
Server provides services that you cannot find anywhere else (local iCloud mirror, Apple Store 
mirror, login services, etc...) 


Advantages of FreeBSD: 


¢ Open source software. 
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¢ The community is more problem-solving, you can find solutions more easily, while on Mac OS X 
communities a lot of solutions depend on Apple. 


¢ You can completely disable the GUI for headless systems, while on Mac OS X it will always be 
running, taking up memory and cycles. 


¢ You can migrate it to another computer, Macintosh or not, as simply as moving the disk it is in- 
stalled on. Mac OS X supports that only partially (newer models don’t support older versions) 
and only between Macintosh computers. 


e While Macintosh hardware may need manual configuration, external peripherals (like TV tuners, 
SSDs, USB gadgets, etc.) have usually better support in FreeBSD. 


Filesystems benchmarks and comparison: 


When talking about Mac OS X and FreeBSD, there are right now only three filesystems to take 
into consideration: UFS2, HFS+ and ZFS. 


UFS (Unix File System): 


UFS comes from 4.2BSD (where it was called Fast File System). It is a very simple filesystem us- 
ing tables for directories and inodes for files. It is supported by almost all Unixes, including Mac 
OS X up to version 10.5, however, the old versions had some incompatible features that pre- 
vented disk interchange between them. Nowadays, it has been extended as UFS2 in FreeBSD 
adding support for extents, extended attributes, ACLs and journaling. UFS2 supports disk inter- 
change between modern BSD flavors (FreeBSD, NetBSD, OpenBSD and DragonFly BSD). It is 
also a filesystem that preserves and enforces filename case (that is “foo” and “Foo” are different 
files). 


HFS+ (Hierarchical File System Plus): 


HFS+, also called Mac OS Extended, is the native filesystem for Mac OS X, the natural evolution 
for the older HFS filesystem present since Mac OS 2.1. It is also a simple filesystem that uses a 
single B-Tree for directories and files. Support for journaling, extended attributes, in-line compres- 
sion and ACLs has all been added in different Mac OS X version. It is by default a filename case 
preserving but insensitive filesystem, but can be initialized as a filename case sensitive one 
(called HFSX). 


Filesystem encryption and redundancy: 


Neither of the native filesystems of FreeBSD and Mac OS X support filesystem encryption or re- 
dundancy. However, FreeBSD provides GEOM that gives redundancy (as RAID levels), concate- 
nation and encryption (GELI) of disks that can be used with any supported filesystem, 
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while Mac OS X provides AppleRAID for the redundancy and concatenation and CoreStorage for 
the encryption and hybrid disk caching (having an SSD cache over a traditional HDD storage). 


ZFS (Zettabyte File System): 


Probably one of most advanced filesystems, introduced by Sun in the Solaris operating system, 
open sourced, and then closed by Oracle, has been ported to almost all other operating systems, 
including Mac OS X and FreeBSD (where it is to completely substitute for UFS in the near future). 
It is a complex filesystem, offering all the features plus more. It supports extended attributes, 
copy-on-write, ACLs, does not need journaling by design, detects silent corruption of data, allows 
for redundancy and concatenation without an extra layer behind, supports in-line compression 
and encryption (this is only on Solaris closed-source version), can be initialized as case insensi- 
tive or sensitive, read-only and write-only caching on another disk (e.g. SSD), deduplication, snap- 
shots, and more. All of the features added by Oracle since it closed the source are not available 
outside Solaris, but all new features added to the open source version are available on all operat- 
ing systems supported, thanks to the OpenZFS efforts. 


Benchmarks: 


All benchmarks have been done on the same hardware, using a separate partition from the sys- 
tem, with everything already loaded, a GUI loaded and user logged-in, indexing services stopped 
(Spotlight on Mac OS X and Baloo on FreeBSD), and TRIM enabled. The whole partition was 
TRIM-ed and formatted between tests. HFS+ and ZFS on Mac OS X have been initialized as 
case insensitive, while UFS2 and ZFS on FreeBSD have been initialized as case sensitive, the 
default behavior. Changing case sensitiveness has not demonstrated any measurable difference 
in performance. Benchmark software used was Bonnie++ 1.97 with the following command line: 


bonniet+ -s 16G -n 1000 -r 8192 -f -b. 


Sequential write 


In this test, Bonnie++ creates a few files and writes to them sequentially, measuring the through- 
put. 
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Sequential write 


Kbytes/sec 


0 
Mac OS X (HFS+) Mac OS X (ZFS) FreeBSD (UFS2) FreeBSD (ZFS) 


Figure 1. Sequential write. 


FreeBSD shows a small but not significant advantage (less than 10%) over Mac OS X, with ZFS 
behaving slower than the native filesystem on both operating systems. 


Sequential rewrite 


In this test, Bonnie++ rewrites the files it previously created with new data. 


gw Sequential rewrite 
Y 


Kbytes/sec 


Mac OS X (HFS+) Mac OS X (ZFS) FreeBSD (UFS2) FreeBSD (ZFS) 


Figure 2. Sequential rewrite. 
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Mac OS X takes the advantage here, being faster than FreeBSD in their native filesystems. On 
ZFS, they have practically the same speed. 


Sequential read 

In this test, Bonnie++ sequentially reads the data it previously wrote. 
Sequential read 
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Figure 3. Sequential read. 
Mac OS X shows to be a little faster (less than 2%) than FreeBSD. 
Random seeks 


In this test, Bonnie++ takes the previously created files and checks how many times it can ran- 
domly seek inside them. 
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Figure 4. Random seeks. 


Random seeks 


w 


ca 


Native filesystems are quite a bit better in this than ZFS, and Mac OS X gets a huge advantage 
over FreeBSD. This is probably because of filesystem code optimization and caching of data 
structures, as well as the native filesystems being less prone to fragmentation after the rewrite 


than ZFS. 


Throughput conclusion 


If your usage case would be to create and serve big files in small numbers, like as a remote me- 
dia server, Mac OS X will give a bigger overall throughput, and if you don’t require the features 
offered by ZFS, HFS+ gives an even better one. 


Sequential file creation 


In this test, Bonnie++ creates several files and subdirectories sequentially. 
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Sequential file creation 
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Figure 5. Sequential file creation. 


Here, FreeBSD takes the advantage, even more markedly if using ZFS. 


Sequential directory read 


In this test, Bonnie++ traverses the previously created files and subdirectories. 


Sequential directory read 


Files/sec 


Mac OS X (HFS+) Mac OS X (ZFS) FreeBSD (UFS2) FreeBSD (ZFS) 


Figure 6. Sequential directory read. 
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FreeBSD shows an even better margin than the previous test. 
Sequential file deletion 


In this test, Bonnie++ removes the previously created files and subdirectories. 


Sequential file deletion 
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Figure 7. Sequential file deletion. 


Here, HFS+ shows the advantage of using a single B-Tree for everything, where deletes become 
easier as there are less nodes to take account for, while ZFS shows the disadvantage of copy- 
on-write, as it has to create a new copy of the blocks containing the directories on each deletion. 


Random file creation 


In this test, Bonnie++ creates new files and subdirectories randomly choosing their location. 
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Random file creation 
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Figure 8. Random file creation. 


In this test, contrary to the sequential equivalent, FreeBSD takes the lead, getting significantly 
faster in ZFS over Mac OS X and slightly faster in UFS vs HFS+. 


Random directory read 


In this test, Bonnie++ randomly accesses the previously created files and subdirectories. 
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Figure 9. Random directory read. 
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In this test, HFS+ shows its inherent problem of having a single B-Tree that must be wholly trav- 
ersed always, while ZFS and UFS, using a simple directory structure, are faster. Also, FreeBSD 


takes the lead being significantly faster than Mac OS X. 


Random file deletion 


In this test, Bonnie++ randomly deletes the previously created files and subdirectores. 
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Figure 10. Random file deletion. 
Once again, ZFS shows the disadvantages of copy-on-write, and FreeBSD takes the lead in 
speed with a significant, but not huge, difference. 


Big number of files - conclusion 


If your usage case would be to create and serve a lot of small files, like for example a mail or web 
server, FreeBSD has a significantly big advantage over Mac OS X, and you can discard UFS as 
in most cases ZFS is not so slow as to be in a disadvantage over UFS. 


The next tests were done using Phoronix Test Suite. | will talk only about the tests that run cor- 
rectly on both operating systems. You can see the whole results in 
https://openbenchmarking.org/result/1605120-GA-0139603641. 
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SQLite 


This test measures the time to perform a pre-defined number of operations on an indexed SQLite 
database. 


SQLite 


Mac OS X 


FreeBSD 
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Seconds, less is better 
Figure 11. SQLite database. 
FreeBSD goes five times faster than Mac OS X. 
C-Ray 


This test benchmarks pure floating point performance using a multi-threaded ray tracing to gener- 
ate a 1600 x 1200 pixels image. 


BSD 


oa 
(o>) 
MAGAZINE 
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Figure 11. C-Ray benchmark. 
Here Mac OS X is 10% slower than FreeBSD. 


Fhourstones 


134 «#1360=(138 


140 


This integer benchmark solves positions in the game of Connect-4, as played on a vertical 7x6 
board. By default, it uses a 64Mb transposition table with the two big replacement strategy. Posi- 
tions are represented as 64-bit bitboards, and the hash function is computed using a single 64-bit 
modulo operation, giving 64-bit machines a slight edge. The alpha-beta searcher sorts moves dy- 


namically based on the history heuristic. 
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Figure 12. Fhurstones benchmark. 
Once again FreeBSD gets 10% faster than Mac OS X. 
Gzip 


This test measures the time needed to compress a file using gZip. 


Gzip 
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Figure 13. gzip compression. 
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OpenSSL 


This test measures the 4096-bit performance of OpenSSL using the RSA algorithm. 


OpenSSL 
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FreeBSD 
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Figure 14. 4096-bit performance of OpenSSL using the RSA algorithm. 
FreeBSD is able to do the test three times faster than Mac OS X. 
Processing power - conclusion 


On the side of raw processing power and performance, FreeBSD shows a clear advantage over 
Mac OS X, from 10% to 500% faster. 
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Overall conclusion 


All benchmark scenarios put FreeBSD in the lead, except on the sequential file tests, with a huge 
difference. So, if you do not need something that exists only on Mac OS X, it seems that 
FreeBSD will get more juice out of your old Macintosh hardware. 


Born in Canary Islands, transgender girl, independ- 
ent and open source developer, computer histo- 
rian, emulator lover, file system guru, Apple Certi- 
fied Macintosh Technician, and .NET fan. 
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Server Automation for NodeJS over 
SSH with Nodemiral 


by Ray Mahangoe 


Nodemiral is like Ansible, an automation tool based on 
Javascript/NodeJS. While Ansible has been around for a 
while, Nodemiral is still young (though Javascript has been 
in the loop for a while). Why do I use Nodemiral? Well, I've 
been using Ansible for a while and | like the way Ansible 
works, like access with ssh, playbooks and run script on a 
server, etc., and there is no need to install a client on every 
server. 


The point is, | like NodeJS and where ever it's possible, | make scripts to do some automation in 
NodeJS and when | saw this package “Nodemiral” for NodeJS, | started playing with it. 


In my opinion, Nodemiral Is still a work in progress and not completely ready for production uses, 
like Ansible or Puppet are, although it's good to play and experiment with. For some simple auto- 
mation stuff for small/medium organizations that don't have a complicated infrastructure, Nodemi- 
ral can do a good job. 


Nodemiral is nice but | will not compare it yet with Ansible, Puppet or other automation tool for 
now. 


If you still want to try and use it, test it pretty good before automating your server task with Node- 
miral, in this case go ahead and give Nodemiral a chance. 


In my case, I'm running a Nodemiral test environment with 10 VMs, mixed with Linux (Debian, 
CentoS) and FreeBSD 10 & 11. It works fast and | feel at home with Javascript/Nodejs. ;-). 
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| think there is a good chance that this automation tool based on NodeJS will get up against the 
bigger tools in the future. Till that time I'll Keep playing and testing automation tools based on 
NodeJS. 


Features: 

¢ Support connecting to any Unix remote server 

¢ Authenticate with password (using sshpass) or with a pem file 

¢ Can work with multiple servers at once 

¢ Supports, copy, execute and executeScript at core methods Familiar NodeJS API 
Requirements and Installation: 

Requirements: 

¢« Some basic knowledge with Javascript/NodeJS. 

¢ Nodemiral is a package for NodeJS and the requirements are the same as for Javascript. 


¢ You need to installed nodejs on your main server/workstation from where you want to control/ 
manage all your servers. There are plenty of tutorials on how to install Nodejs on the internet for 
Unix / Linux / OSX and Windows. 


Installation: 


nodemiral: 


Siaye)iieuiaecgersil ld. 


nodemiral 


Create a script for example nodemiral.js and past the code into it and save it. 
This script will: login to a linux/unix server ‘hostname’ and will execute the command “uname -a” 


Example: 


var nodemiral = require('nodemiral'); 


var session = nodemiral.session('hostname', {username: 'root', pass- 
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NodeJS 


session.execute('uname -a', function(err, code, logs) { 
Comeole, bog (loge siLdcur)y¥ 


ler 


Explanation: 


hostname = hostname or ip addess 


auth = object containing following fields: “username” and ( password 


or ‘“pem’) err = err if exists 
= status code of the ssh process 


= (Skooutes (SlaouUL lOUSs 7 es leeries stderr hoger, 


Run the script called nodemiral.js 


Snode nodemiral.js 


Other examples how to use Nodemiral 


Session: Create a session to a remote server. You can invoke the following methods after you cre- 
ated a session example: 


var session = nodemiral.session(hostname, auth, options) ; 


hostname = hostname or ip addess 


auth = object containing following fields: ‘username’ and ( password- 


z 
N 
$ 
z 


NodeJS 


or “pem’) options = object of options described below. 
ejs options with ejs fields 


ssh = object whose key and value will be passed as -o key: 
value to any ssh session. For example: { 'StrictHostKeyChecking': 
"ne. UserknownHostses le! "/dev/nuli” } 


Session.execute: execute given shell command on the remote server: 


var session = session.execute(shellCommand, options, callback); 
shellCommand = shellCommand options = {onStdout, onStderr} 


callback = callback containing following parameter 


Session.executescript: execute a local shell script in the remote server. You can template shell 
script with httos:/github.com/t//ejs 


var session = session.executeScript (localScriptFile, options, call- 
baek je: 


localScriptFile = localScriptFile 


options.vars = variables to the template if uses ejs in the script 
callback = callback containing following parameters 


MAGAZINE 


Session-copy: copy a file from local machine to the remote machine. Supports binary files too. 
Support EJS templating with non-binary files. 
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About the Author: 


My name is Ray | live in Amster- 
dam the Netherlands. 

| started my IT future back in 

aS — 1992 with playing around with a 
__ Atari 1024ST and MSDOS emula- 
tor. 

Its was so fascination for me that 

| started to do more research and 
selfstudy en got Novell NetWare administrator Certification in 1994. 

In 2012 | started to play with DragonFly, OpenBSD and FreeBSD. | felt 
directly home with FreeBSD and | started working for the European 

: Aerospace in The Netherlands and they uses FreeBSD as main server 
for Storage, Web, PHP, Mysql, Ldap authentication, Firewall etc and CentOS for Matlab cluster. 
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| In 2014 | went to an other company UPC “bought by AMC Network” and | implemented 
FreeBSD & ZFS and GlusterFS as one big storage pool of 18PB of capacity. 
| These days my main focus and interest is, FreeBSD, ZFS, GlusterFS, NodeJS and Openstack. 


| As hobby | do make Electronical Music and | also give Dance Workshop and Contact Improvisa- 
| tion trainings. ;-) 
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HOW IMPORTANT IS YOUR DATA? 


Years of family photos. Your entire music 
and movie collection. Office documents 
you've put hours of work into. Backups for 
every computer you own. We ask again, how 
important is your data? 


NOW IMAGINE LOSING IT ALL 


Losing one bit - that’s all it takes. One single bit, and 
your file is gone. 


The worst part? You won't know until you “ef : 
absolutely need that file again. Example of one-bit corruption 


THE SOLUTION 


The FreeNAS Mini has emerged as the clear choice to The Mini boasts these state-of-the- 
save your digital life. No other NAS in its class offers art features: 
ECC (error correcting code) memory and ZFS bitrot 


protection to ensure data always reaches disk * 8-core 2.4GHZ Intel® Atom™ processor 
P : . - Up to 16TB of storage capacity 
without corruption and never degrades over time. 


+ 16GB of ECC memory (with the option to upgrade 
to 32GB) 


No other NAS combines the inherent data integrity + 2x 1 Gigabit network controllers 
+ Remote management port (IPM) 


+ Tool-less design; hot swappable drive trays 
encryption. No other NAS provides comparable power - FreeNAS installed and configured 


and flexibility. The FreeNAS Mini is, hands-down, the 
best home and small office storage appliance you can 
buy on the market. When it comes to saving your 
important data, there simply is no other solution. 


and security of the ZFS filesystem with fast on-disk 


systems 


FREENAS 


CERTIFIED 
STORAGE 


With over six million downloads, 
FreeNAS is undisputedly the most 
popular storage operating system 
in the world. 


Sure, you could build your own FreeNAS system: 
research every hardware option, order all the 

parts, wait for everything to ship and arrive, vent at 
customer service because it hasnt, and finally build it 
yourself while hoping everything fits - only to install 
the software and discover that the system you spent 
days agonizing over isn’t even compatible. Or... 


MAKE IT EASY ON YOURSELF 


As the sponsors and lead developers of the FreeNAS 
project, iXsystems has combined over 20 years of 
hardware experience with our FreeNAS expertise to 
bring you FreeNAS Certified Storage. We make it 
easy to enjoy all the benefits of FreeNAS without 
the headache of building, setting up, configuring, 
and supporting it yourself. As one of the leaders in 
the storage industry, you know that you're getting the 
best combination of hardware designed for optimal 
performance with FreeNAS. 


Every FreeNAS server we ship is... 


» Custom built and optimized for your use case 

» Installed, configured, tested, and guaranteed to work out 
of the box 

» Supported by the Silicon Valley team that designed and 
built it 

» Backed by a 3 years parts and labor limited warranty 


http://www.iXsystems.com/storage/freenas-certified-storage/ 
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As one of the leaders in the storage industry, you 
know that you're getting the best combination 

of hardware designed for optimal performance 

with FreeNAS. Contact us today for a FREE Risk 
Elimination Consultation with one of our FreeNAS 
experts. Remember, every purchase directly supports 
the FreeNAS project so we can continue adding 
features and improvements to the software for years 
to come. And really - why would you buy a FreeNAS 
server from anyone else? 
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FreeNAS 1U 

+ Intel* Xeon* Processor E3-1200v2 Family 

+ Up to 16TB of storage capacity 

+ 16GB ECC memory (upgradable to 32GB) 

+ 2x 10/100/1000 Gigabit Ethernet controllers 
+ Redundant power supply 


FreeNAS 2U 
+ 2xIntel* Xeon* Processors E5-2600v2 Family 
+ Up to 48TB of storage capacity 
+ 32GB ECC memory (upgradable to 128GB) 
+ 4x 1GbE Network interface (Onboard) - 
(Upgradable to 2 x 10 Gigabit Interface} 
+ Redundant Power Supply 
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GhostBSD - Easy to Use, Yet Power- 
ful 


by Kalin Staykov 


When | first heard about GhostBSD, I thought it may involve 
a shady distribution that is all about security. Okay, in fact, 
at first | thought about actual ghosts, but let's not dive into 
that. The name comes from "Gnome hack operating system 
technology BSD”. This project is all about putting a nice 
desktop environment with all the security perks of having a 
BSD system under the hood. 


Later on, I'll tell you how you can install it and play with it a bit, but let's first see why would one 
want to bother with it. If you are familiar with distributions from the Linux world, you might know 
Linux Mint. Its goal is pretty close to what the creators of GhostBSD were aiming for. 


It's simple, it's pretty and it works 


Now let's talk about Mate — one of the desktop user interfaces you can pick from. 
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If you're a tea lover like me, you'll be delighted to learn about where its name comes from. It 
comes from yerba mate (pronounced Ma-Tay), which is widely known as a source of a delightful 
beverage. The origin of Mate’s interface goes back in time to earlier development stages of the 
GNOME desktop, or to be exact - GNOME 2. Reborn and rejuvenated, this desktop was devel- 
oped by a community of more than 20 people. 


I'm not ashamed by the fact that the first time | installed FreeBSD, | wiped my entire hard drive. It 
was long ago with a very early version, but hey, the world of open software was tough back then! 
This doesn’t sound like a good excuse and the good news is that you won't need any such ex- 
cuses, because when you boot the installation media, you'll be greeted with a graphical installa- 
tion screen. It will make the installation a piece of cake, but be mindful — every dungeon has its 
goblins. 
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GhostBSbD Installation 


@ ~~ Graphical Install 
Graphical Install - (Failsafe VESA mode) 


Graphical Install - (ACPI off} 


ress enter to boot the selected OS, *e' to edit the commands before booting or *c' for a command-line. 


Figure 2. GhostBSD Installation. 


Okay, no need to pick an axe before hitting enter — just do it and think happy thoughts, while 


some weird text shows 
Applications Places System 4%) Mon Apr 18, 16:38 up It won't ask for any- 
thing, so just wait it out. 


=~ 
Computer 


—— 


ghostbsd's Home 


we 


hl 


GhostBSD 
Installer 


Aa 


GhostBSD-irc 


GhostBSD 


Figure 3. GhostBSD Installation. 
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Welcome to Mate 


Yes, it’s that easy — now you can play with the distribution and see if you actually like it. Keep in 
mind that this is Live boot and nothing is installed on your disk yet. Take your time to explore. 
That’s my favorite part. Out of the box, you'll see the Firefox browser installed. You'll also have 
mail and messenger clients, so if you decide that some Internet experience is important to you, 
go on and try it. 


Actual Installation 


Once you’re ready and you like what you see, you can proceed to the installation. Start up the in- 
staller, which is located on your desktop. You'll have to select several things during the installa- 
tion. The first three are fairly simple: 


¢ Your language 
¢ Your keyboard layout 
¢ Time zone 


And now comes the tricky hard drive selection option. That’s where you should be careful. It looks 
like that: 


GhostBSD Installer 


Installation Type 


Partition Editor 


Figure 4. GhostBSD Installation Type. 


MAGAZINE 


BSD 


71 


GhostBSD 


You should be prepared for that, so I'll take a moment to explain. If you have a single disk, using 
the entire disk will mean that you don’t need any data that’s currently stored there. With this op- 
tion, you also commit to use this distribution as your only option and not dual boot. The dual boot 
is the ability to have more than one OS installation on one or more disks of the same system. Be 
mindful of your choice since the next steps can erase data on the disks you have. 


The partition editor can enable more flexibility, but you’ll need to be armed with some experience 
using such managers. If not, have a look at the wiki page of Custom Disk Partitioning Installation 
or look for some video tutorials that will show you how it’s done. | will assume that you have some 
level of experience or the willingness to research this topic. It's very important to not experiment 
with hard drives that have valuable information. If that’s the case, | would suggest you consult 
someone or start the IRC client from your desktop and talk to the people in the channel that will 
come up. 


Once you make up your mind about partitioning, move to the next section and enter your root 
password. That’s also the place to pick your boot manager. This decision is usually paired to how 
you use your disk, so I'll skip this explanation with the tip to use same level of help as you did on 
the previous step. User creation follows next. | recommend to use this non-privileged user when- 
ever possible. Going with just root is not secure, and it might have serious implications to how 
you use this distribution. 


Security is up to you and creating a non-privileged user is the first step to having a secure 
desktop 


If all goes well, you should be seeing the soothing installation screen reporting progress. Take a 
moment to relax, grab a beer, or just watch the screen, if you’re interested in some of the options 
this distribution provides. That’s all you need for a successful GhostBSD installation. Let’s make a 
small summary of what was required during the installation: 


¢ Language and keyboard 
¢ Time zone 

¢ Disk partitioning 

¢ Users and passwords 


| could argue that these are the minimum things the user should know in order to make a nice in- 
stallation of any operating system. 


Tools and software 


Out of the box, you'll get the Libre Office suite installed and some really nice applications that will 
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Iserve your basic needs. Reviewing pictures, browsing the web and making documents is now 
available for you to dive into. 


The OctoPkg package manager 


If you need additional software, you'll need one important tool called OctoPkg. That makes up for 
the complexity of software installation on BSD and provides a nice GUI interface that will let you 
install anything you like very easily. 


To start using this software, | suggest you go in the File menu and pick “Sync database” or hit the 
corresponding button on the left of the main panel. This option gets the latest updates for soft- 
ware repositories. It will provide important information about what your system needs in terms of 
updates and what is important to grab as soon as possible. 


OctoPkg 

File Search Transaction Help 
Zoya res] w — Filter installed packages 

Name ~ Version 
4 GentiumBasic 
™ ORBit2 
™ accountsservice 
@ adwaita-icontheme 
* alsa-lib 
* alsa-plugins 
™ apg 
™ appres 
™ apr 
* argylicms 


Info Files Transaction Output News Usage 


Synchronizing databases... 


Updating FreeBSD repository catalogue... 

Fetching meta.txz 

Fetching packagesite.txz 

Processing entries 

pkg: 

Skipping unknown key 'messages' 

FreeBSD repository update completed. 25134 packages processed. 


Command finished OK! 


756 packages (1 selected) 756installed M (1) ~ 


Figure 5. GhostBSD File Menu. 


In my case, | have one update that shows red. | can click on the explanation mark and review the 
details. | strongly suggest you get the latest updates first, before installing new software. That will 
ensure that you have all dependencies setup correctly, the latest security patches installed and, in 


general, a good user experience with bug fixes and improvements. 
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Once you confirm the upgrade of the selected packages, the process is completely automatic. 


OctoPkg 
File Search Transaction Help 
© wh a] Lae) w — Filter installed packages 
Name vy Version 
perlS 
pidgin 
pinentry 
pinentry-tty 
pixman 


plank 
pluma 
png 
policykit 


“| Oe Or i 


Info Files Transaction Output News Usage 


Fetching xvid-1.3.4,1.txz 
Fetching xterm-324.txz 

Fetching xproto-7.0.28.txz 
Fetching xorriso-1.3.4 5.txz 
Fetching xorg-server-1.17.4,1.txz 
Fetching xorg-drivers-7.7_3.txz 
Fetching xorg-docs-l.7.1,1.txz 
Fetching xmodmap-1.0.9.txz 
Fetching xlsatoms-1.1.2.txz 
Fetching xkeyboard-config-2.17.txz 
Fetching xkbevd-1.1.4.txz 
Fetching xkbcomp-1.3.1.txz 
Fetching xinput-1. 6. 2.txz 
Fetching xhost-1.0. 7.txz 


756 packages (1 selected) 756installed M™ (1) 7 


Figure 6. GhostBSD File Menu. 


If you want to use BSD and you’re looking for a good distribution that is easy to use — look no fur- 
ther. GhostBSD will give you an easy time dealing with one of the most sophisticated and ad- 
vanced operating systems out there. 


Keeping the system up to date 


Although OctoPkg gives you a nice interface of getting your system up to speed with latest im- 
provements and updates, | think it’s nice to have a good awareness of other ways to do the job. 
Just like any other BSD, there is a tool called “freebsd-update” that can quickly get your system 
upgraded. There are two steps involved: 


1. Fetching updates 


freebsd-update fetch 


74 


MAGAZINE 


2. Installing the updates 


Those steps are usually combined using directly: 


The Zettabyte filesystem (ZFS) is one significant improvement that can provide an extra layer of 
resilience to your system. One key feature is that it is always consistent. That means it will never 
need to be checked for integrity and it will self-heal any damage it endures due to sudden power 
outages, silent data corruptions or bad write operations. It is much more than that — it can be en- 
crypted, it has a full stack of RAID capabilities and it can be used as a pool for many mounts, 
which gives extra flexibility when you don’t know which mount will grow. 


GhostBSD Installer That’s all nice but 
ZFS Configuration GhostBSD doesn’t pro- 
vide support for root 
disk installation directly. 
At least not yet — it’s 
planned for the new re- 


Check Disk Size(MB) Name lease but as of 10.1 it’s 
dao -0: . 
ada 953869 WDC WD1002FBYS-02A6B0 not currently available. 


adal 953869 SAMSUNG HD103UJ és f 
n the near future, 


when it comes in the 
stable release, users 
will be able to take ad- 
vantage of it through 
the installation panel: 


Pool Type = Partition Scheme GPT 


Pool Name Force ZFS 4k block size 


Encrypt Disk Swap Size(MB) 8149 
Password 


Verify it Encrypt Swap 


@mBack x Cancel => Forward 


There is one last thing | want to mention that | decided to leave for the end of this article. 


15 


BSD 


MAGAZINE 


It is optional for most users but if you need some special software that is not in the OctoPkg, 
there is still a chance for it being available in the BSD ports. To enable ports capability, you need 
to fetch and extract them using: 


Those commands will populate the /usr/ports directory and provide an interface for building the 
package from source. 


| am a master of making lots of typos when typing commands and | enjoy having a bit of fun notic- 
ing when I’m not hitting the keys in right order. One example is the “Is” command, which | often 

mistype with “sl” instead. Let’s install Steam Locomotive from the ports gaming section. It will print 

a cute steam locomotive every time we type “sl”. Let's install it using: 


Now try the “sl” command and enjoy the software you just installed from source. In case you are 
wondering, there are a few things that happen when you call portinstall: 


1. The source code is downloaded from the repository. In the case of sl, the repository is hosted 
at Github. 


2. The Make tool is engaged and based on the rules at /usr/ports/<package>/Makefile 
the build process compiles the source to binaries and distributes them (install rule) to your sys- 
tem. 


Builds from source installations are a complex matter and users don't often dig into them. How- 
ever, sometimes that’s the only way of getting some software installed. It is likely that the software 
is both — available and latest if you install it that way. That’s why having such knowledge is good, 
even for users who are not very experienced. 


I’m very enthusiastic about all things open source. In my professional ca- i 
reer |am asystem administrator, developer, technical writer, DevOps. | 
Nowadays, | prefer to enjoy some peace and quiet and spend my time 

with hobbys like photography and amateur radio. 
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FreeNAS Getting Started Guide: 
Part 1, Planning and Installation 


by Mark VonFange 


This article is intended to serve as an introductory guide to 

assist FreeNAS users in planning, installation, configuration 

and administration for their FreeNAS storage systems. Each 

category will include a high level discussion covering the ba- 
sics of what is needed, with applicable screenshots. 


Hardware Selection and Builds 


Before installing FreeNAS, it is important to make sure the hardware you are using will meet your 
needs. The following section will go over basic considerations when planning the hardware you'll 
use for your FreeNAS storage. A training course on FreeNAS Architecture and Performance Ba- 
sics is available at http:/Avww.freenas.org/freenas-zfs-training/. 


Boot Devices: FreeNAS can be installed to at least one drive that is separate from your storage 
pool. FreeNAS will use the entirety of the drive, so it is generally recommended to utilize a flash 
device, such as a USB stick or SATA DOM, because standard hard drive capacities are well be- 
yond what FreeNAS requires. Minimum size for your boot drive is 8GB, though 16GB is recom- 
mended so you can rollback to previous or alternative OS instances. You may also want to use 
two drives in mirrored configuration if you want additional data protection for your OS drive. Off- 
brand flash devices are generally not recommended due to their questionable reliability. Additional 
information can be found in the FreeNAS Documentation. 


Memory: The general rule of thumb on memory is 4GB minimum and 1GB of memory per TB of 
storage. You will also want to consider whether ECC (Error Correcting Code) memory is important 
for your use case. ECC memory safeguards against lost write data in the instance of a system 
crash or power outage. 


CPU: Because FreeNAS is based on FreeBSD, Intel processors are generally recommended, 
though AMD should also work just fine in most cases. 
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Cache Devices: Dedicated Cache Devices can help improve your system performance substan- 
tially. An L2ZARC places your most frequently and recently used data in cache to improve your 
Read performance. Adding an SSD or other high performance flash device as your L2ARC is rec- 
ommended. 


Having a Separate Intent Log (SLOG) device for your ZFS Intent Log (ZIL) can help improve your 
write performance on synchronous write use cases, like database applications and NFS environ- 
ments. As the ZIL flushes data every five seconds, performance is more important than capacity 
fora SLOG. 


Check out our documentation on the Volume Manager for how to add L2ZARC and SLOG/ZIL de- 
vices in FreeNAS: http://doc.freenas.org/9.3/freenas_storage.html#volume-manager. 


HDDs: Desktop drives are not recommended for NAS storage. Enterprise or NAS rated drives, 
such as Western Digital Red drives, are calibrated to handle the load placed on them reliably. 


You will also want to determine your desired level of disk redundancy for your storage pool. Fre- 
eNAS can be set up in striped, mirrored, both (RAID 10) or distributed parity configurations with 
up to three parity levels (RAID-Z1, RAID-Z2 & RAID-Z3). Mirrored pools will have half their raw 
capacity available as usable storage. In parity configurations, do keep in mind you will lose about 
a drive’s worth of usable capacity for each parity level. 


Network Interface: You will want to make sure your Network Interface Card meets your through- 
put needs and is compatible with your network speeds (you won't need a 10GbE interface card if 
your network switch is only 1GbE). You may also want to consider whether using a multiport NIC 
with link aggregation will help. You can read about types of aggregation in the FreeNAS documen- 
tation here >> http://doc.freenas.org/9.3/freenas_network.htm/#link-aggregations 


In regard to NIC manufacturers, Intel cards are recommended for 1GbE connections and Chelsio 
cards are recommended for 10GbE. 


Installation 


You will first want to grab the latest version of FreeNAS from http:/www.freenas.org/download/, 

Next you'll want to write the .iso file you’ve downloaded to disk or USB. You can read documenta- 
tion about writing to flash devices in different operating systems at 

http://doc.freenas.org/9.3/freenas_install.html#preparing-the-media. 


Once you've got the FreeNAS iso on your disk or flash device, you will want to insert it in your 
system and boot from the appropriate device to load the FreeNAS Installer. 
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Getting an IP address 


You will want to have a keyboard and monitor attached to your FreeNAS hardware. As the device 
boots up, it will display text messages on the display as the operating system loads. When the 
system has finished booting, you will see a screen similar to Figure 1. *Note: Please be aware 
that all operations performed at this console menu are performed with root privileges and will 
override any existing settings. 


onsole setup 


Configure Network Interfaces 
Configure Link Aggregation 
Configure VLAN Interface 
Configure Default Route 
Configure Static Routes 
Configure DNS 
Reset Root Password 
Reset to factory defaults 
Shell 
system Update (requires networking) 
Create backup 
Restore from a backup 
Reboot 
Shutdown 


may try the following URLs to access the web user interface: 


ittp:7/192.168.1.119 


Enter an option from 1-14: 


Figure 1: FreeNAS Console 


If there is a DHCP server on your network, the Ethernet port on the device will automatically re- 
ceive an IP address that can be used to access the device from a web browser. In the example 
shown in Figure 1, the device is reachable at 


If your network does not have a DHCP server, refer to Section 3: Booting into FreeNAS in the Fre- 
eNAS® 9.3 Users Guide for instructions on how to manually set an IP address. This page also 
goes over the console menu options. 


You may now unplug the USB keyboard and monitor from the back of the FreeNAS Mini, as they 
are not used for the rest of the configuration process. You are now ready to configure your Fre- 


eNAS® device. 
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Logging in for the first time 


Direct your web browser to the IP address displayed at the console of your FreeNAS Mini. You 
will need to log in to the FreeNAS Web User Interface with a username and password. The user- 
name is always “root”. The default password is “abcd1234”. 


Welcome to FreeNAS® 9.3 


Password: 


Figure 2: Login Menu 


Once you've logged in, the first thing you'll want to do is change your ‘root’ password to some- 
thing only you know. To do this, go to the User tab in the Account Menu, select the root user and 
then click on the “Modify User” button. This will open up a pop-up window to change your pass- 
word. Just enter in your preferred password into the “Password” and “Password confirmation” 
fields, then click the “OK” button at the bottom of the menu. 
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/ &/ FreeNAS 


& 


oS # fa 


Account System Tasks Network Storage 
expand all collapse all Account 
+ cB Account 
+ System | Add User | 
* Tasks 
+ = Network L 
r P| Stenmae User ID Username Primary Group ID Hor 
* [Bf Directory Service 1003 mark 1001 /mn: 
* Sharing /Ger 
+ of Services 0 root 0 /roo 
r Pluginé daemon 1 /roo 
* [TT] sails operator 5 / 
#¥ Reporting 3 bin 
|e Guide 
@ Wizard 
tty 65533 
bury Display System Processes ticles > 
tT. 
Shell 7 games 13 
x Log Out 
sit Reboot 8 news 8 / 
1) Shutdown ayant 2 /usr, 
14 ftp 14 /nor 
22 sshd 22 /var, 
< 
Modify User | Change E-mail 


Figure 3: User Menu 
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Modify User 


User ID: 


Username: 


Primary Group: 


Home Directory: 


Shell: 

Full Name: 
E-mail: 
Password: 


Password 


confirmation: 


Disable password @ 
i 


Lock user: 


Figure 4: Modify User Menu 
You have now successfully installed FreeNAS and secured your login information! 
Conclusion 


Hopefully, part 1 of this guide has provided you with all the information needed to get your Fre- 
eNAS system designed, built and installed. Next month’s installment of the FreeNAS Getting 
Started Guide will review the Initial Configuration Wizard. Please check out the Additional Re- 
sources provided for more FreeNAS related guidance in the meantime. 
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Additional Resources 
Blogs: 


« FreeNAS Best Practices: 


Part 1 
http://www.freenas.org/blog/a-complete-guide-to-freenas-hardware-design-part-i-purpose-and-be 
st-practices/ 


Part 2 
http://www.freenas.org/blog/a-complete-guide-to-freenas-hardware-design-part-ii-hardware-specif 
ics/ 


Part 3 
http://www.freenas.org/blog/a-complete-guide-to-freenas-hardware-design-part-iiil-pools-performa 
nce-and-cache/ 


Part 4 
http:/www.freenas.org/blog/a-complete-guide-to-freenas-hardware-design-part-iv-network-notes- 
conclusion/ 


¢ FreeNAS: A Worst Practices Guide httop:/www.freenas.org/blog/freenas-worst-practices/ 
¢ Forums: httos://forums.freenas.org/index.php 

« Videos: 

Setting up your First NAS with FreeNAS https:/www. youtube.com/watch?v=Otcke1QR9_U 
FreeNAS 9.x Video Series http:/Avww.freenas.org/about/videos/ 

¢ Documentation: https://doc.freenas.org/ 


-Webinar Training Courses: 
Intro to FreeNAS course http:/Avww.onlinemeetingnow.com/register/?id=titOugmvdz 


¢ Webinar http://www.freenas.org/freenas-zfs-training/ 
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USING FREEBSD AS A FILE 
SERVER WITH ZFS 


In this course, we will learn how to use the current ZFS capa- 
bilities to help us build a home file server using FREEBSD 
10.3. 


Course launching date: 04th of July 2016 
What will you learn? 

¢ ZFS administration 

« ZFS concepts and features 

What skills will you gain? 

¢ ZFS administration basics 

What do you need? 

¢ FREEBSD 10.3 with root privileges 

¢ At least 10 GB free space 

What should you know before they join? 


¢ Basic FREEBSD administration knowledge 


WORKSHOP 


Module 1: FREEBSD and ZFS 

Introduction to ZFS under FREEBSD 

e Why ZFS on FREEBSD? 

¢ ZFS features and concepts 

Module 2 title: ZFS Administration 

Module 2 description: Cover the commands and features to administrate ZFS volumes 
¢ Create, destroy, list pools 

¢ Zpools: single, mirrored, raid 

e Understand ZFS properties 

Module 3 title: Putting it all to work: Hosting our files using ZFS 


Module 3 description: With the previous acquired knowledge, create a plan on how to or- 
ganize our files and pools to host our files. 


¢ Set ZFS properties based on the content of the files to host 
¢ ZFS tuning 


¢ Create a File Server using our pools 


https://bsdmag.org/course/using-freebsd-as-a-file-server-with-zfs-2/ 


marta.ziemianowicz@bsdmag.org 
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You do not need a big diploma to re- 
alize big projects, you need to be 
willing to go out of your comfort 
zone 


Interview with Eric Turgeon, Founder and Leader of GhostBSD 


by Marta Ziemianowicz, Marta Strzelec & Marta Sienicka 


[BSD Magazine]: Hello Eric, how have you been doing? 
Thank you for agreeing to the interview. Can you tell our 
readers something about yourself? 


[Eric Turgeon]: | am doing well, | am glad to answer your 
questions! | am a full time Inventory Controller Specialist for 
Kent Building Supply Distribution Center, a husband, and fa- 
ther of one son. | am also a founding member of the church 
Eglise Cité De La Grace and the founder/leader of the 
GhostBSD project. | am a weight lifter and | do like downhill 
biking, my favorite sport is rugby. | am a BSD license and 
copy-free license advocate. | am a Canadian living in Dieppe 
City in NB and | speak French and English. 


[BSD Mag]: What does it mean that you are a Project 
Leader for GhostBSD? 


[ET]: Basically | am the founder of GhostBSD project, my leadership is not dictatorship, | try to 
be really open minded to all subjects and sometimes new features would be implemented with- 
out my knowledge. People contributing on GhostBSD have mostly the same power than | have 
over the project. 


[BSD Mag]: There is absolutely no control over new features? How does that work ex- 
actly? 


[ET]: | do trust the people that are officially in the GhostBSD team enough to let them work on 
new features; however, | still have the final say, but most of the features that 
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are added are not necessarily for the user. For example, they can be on the build tool that we use 
to build GhostBSD. | try to act like GhostBSD is Andrea’s and Ovidiu’s project as well, that is why 
they are free to work and improve on what they want. 


[BSD Mag]: What is GhostBSD Project all about? And what is the difference between it 
and other BSDs? And why is it called Ghost? 


[ET]: GhostBSD is born from the idea of having a Gnome FreeBSD, counterfeit of PCBSD which 
was KDE only when GhostBSD was born. GhostBSD comes from Gnome hosted by FreeBSD G 
host BSD, it is also why the G hostBSD logo on the website are distinct from the G host BSD, 
and the original pronunciation is G host BSD and not Ghost BSD, but even | call it Ghost BSD be- 
cause it kind of sounds cool. GhostBSD is mainly a Desktop oriented OS, our focus is mainly to 
be a GTK alternative to PCBSD and being a bridge to the new FreeBSD user. 


[BSD Mag]: What do you like the most about open source systems? 


[ET]: | do like the fact that because FreeBSD is open source, and well documented, | did learn C 
programming, python, and UNIX shell programming, as well as learning how to build a whole 
FreeBSD system. My main opinion on open source is that it helped me to learn to program and | 
probably learned faster than with a closed source. | did play with the code of the open source pro- 
gram to see what would happen. With open code you cannot hide backdoors and spyware, some- 
one will one day find out. Additionally, a lot people can work on the same piece of code around 
the world and make it work better and be more secure. 


[BSD Mag]: So would you say that open source systems are generally more secure than 
closed source? 


[ET]: In my experience yes, if | found a vulnerability | can find were it needs to be fixed and send 
a patch upstream, or point the developer to the faulty code. On Close Source, you can only send 
the vulnerability and wait for the company to fix it. On most of the big open source projects, the 
community responses fast and software gets fixed faster - most of the time. 


[BSD Mag]: How is it to be a Leader of such project? What are your responsibilities and 
goals? 


[ET]: Wow, | am not a great leader and never have been a leader, | am learning has the time 
pasts. Unfortunately, with my explosive temper (when | am overwhelmed) | have lost some peo- 
ple on the project. | can say that Ovidiu was a great helper and probably the only one who has 
been on the project since almost from the start, and | owe him a lot. | did learn to make sure | un- 
derstand people’s point of view and ideas before replying, which have been helpful to avoid con- 
flict. | do not want to be Linus Torvalds, therefore | try to do everything | can to understand others 
point of view. My leadership is only to provide a structure, a guideline, and keeping a balance on 


the project. ; 
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[BSD Mag]: If you had to give someone just one reason to use GhostBSD, what would it 
be? 


[ET]: Oh, mmm, GhostBSD is FreeBSD made easy! | think that should be our slogan lol. 
[BSD Mag]: How do you encourage people to contribute to GhostBSD? 


[ET]: | do try to let people know that they can contribute to GhostBSD in any area they want to. 
GhostBSD is and Open Community and all our code, website, and wiki is open for everyone to 
work on. 


[BSD Mag]: Is it hard to find a sponsor(s) for BSDs projects? Or are you mostly relying on 
money from donations? 


[ET]: We are not going after sponsors, but we have a sponsor program that benefits us and our 
sponsors. All monthly donations and subscriptions become automatically a sponsor, also one 
time donations of over 100 CAD become sponsors to, this way we kind of give back to people 
who donate a fair amount of money. We started a Patronage program, but we did not put much 
effort in it yet, but there is more benefit to our user who becomes a patron to GhostBSD. 


[BSD Mag]: What are those benefits? 


[ET]: Depending of the level of the Patron donation, it can be: get a newsletter before publication, 
Get releases before the official release, sponsors badge, sponsors level (good for advertising), a 
GhostBSD sticker, and a shirt and more. And there is also goals to reach when GhostBSD gets to 
a certain amount per month, like move GhostBSD hosting on a VPS or a dedicated server, 
weekly news, full time development, financing people to go to Linux/BSD/Open Source confer- 
ence, and much more. Patrons let us make it more manageable and accountable. 


[BSD Mag]: Do you have any other favorite open source system? 


[ET]: Mmm, not really. FreeBSD has been my favorite OS for over 9 years and GhostBSD has 
been born from FreeBSD and PCBSD. | did start to contribute a bit of time to DesktopBSD and 
most of GhostBSD Developers are contributing time to it, and we hope that people will love it. It is 
ironic because we were supposed to release a Gnome3 version of GhostBSD, and since Desk- 
topBSD is releasing Gnome3, we might not release GhostBSD with Gnomes version - we will 
see. 


[BSD Mag]: GhostBSD 10.3 ALPHA’ is now ready for Testing. That is another way of con- 
tributing to the project. What are the other ways to help? 


[ET]: Sure there is testing and reporting problems, but what | am looking for people to take care 
of is the documentation. | will be honest, our documentation is horrible, | am not a writer, and | 
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really have no time for writing the documentation. If the people who are reading this interview 
would like to contribute to GhostBSD, this would be the best place to start contributing. Our wiki 
is open to anyone to contribute, and if people need help, or information, the forums and IRC are 
the best place to contact us. There is also a code if people are in shell scripting, Python, C and 
etc. It is always appreciated to have more developers, also for people that cannot code, or do not 
feel comfortable writing documentation, there is a place for them too; they can engage with the 
community in IRC and the Forums, also a Bug Keeper will be needed soon. 


[BSD Mag]: Can you tell us something about the license? How to get it and who can get 
it? 


[ET]: GhostBSD is licensed under the BSD 2-clause license ("Simplified BSD License" or 
"FreeBSD License") which people can get at hito:/www.ghostbsd.org/license 


[BSD Mag]: Do you have any tips for our readers? 


[ET]: | did not graduate from high school, yes | was good in physics and algebra, but not in 
French grammar. | wanted to study computer science, but that dream was farfetched because of 
my academic grades in grammar. When | started to use FreeBSD, and started to learn how to 
change configuration in FreeBSD, | started to think Oh, this is almost like programming. | did 
start to learn programming by myself, | did start GnsotBSD at the same time. Today | do not con- 
sider myself a good programmer, but | am able to learn what | need to get the job done. 


Most people say it is easy for you to learn programming if you use FreeBSD. No it is not easy, 
but when | started to use FreeBSD, | was 25 year old and | had only started to use computers two 
years earlier. Before that | did not know anything more than the basics of using the internet and 
installing software. | did not have any experience with a computer's OS's, kernel, etc. | started 
from the ground floor, with no knowledge in tech; however, | was curious and every step that | ac- 
complished was empowering me. 


You do not need a big diploma to realize big projects, you need to be willing to go out of your com- 
fort zone, being willing to spend time to learn the tool you need to realize your projects, and focus 
on the important parts and if you fail, learn from it. 
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Barclays bank, as part of their Life Skills television and 
Internet campaign, are advising those entering the job mar- 
ket to use more professional email addresses. In light of 
their involvement in the Libor scandal, where they at- 
tempted to manipulate the benchmark inter-bank borrowing 
rate, can we take this advice seriously? 


by Rob Somerville 


There is an old joke about banks. A man asks 
for a loan, and checking his credit history, the 
bank manager says he will have to decline the 
application. However, as he is a gambling 
man, if the customer can tell him which one of 
his eyes is a glass prosthetic one, he will give 
him the loan. After thinking for a few seconds, 
the customer retorts “Your left eye”, and the 
bank manager is shocked. Having won the 
bet successfully many times over the years, 
he agrees to giving the man the loan (at a 
higher rate of interest) provided he tells him 
how he worked this out. “Simple” the man 
says, “It was the eye with the most compas- 
sion in it’. 


Since working with Bela Hatvany and Mike 
Kidron in the 1980's at Global 1000, | have al- 
ways been fascinated by the ethical, moral, 
PR and marketing stances organizations have 
taken. Global 1000, as part of their research, 
was examining the mergers and acquisitions 
markets, and also the green and ethical cre- 
dentials of many Blue Chips. There has been 
a major move since then in the areas of repu- 


tation management, and for companies to em- 
brace a more ethical and morally engaged ap- 
proach to business. Nowhere is this more 
prevalent than in the banking sector, which 
has been hammered with scandal after scan- 
dal and the PR mood music is very much “We 
are nice guys, really, and have learned our les- 
son, how can we help you”? 


This whole campaign truly sticks in my throat. 
Apart from the blatant commercial opportun- 
ism that banks traditionally exert in trying to 
capture young customers for life, especially in 
the later years of secondary schools, and then 
at colleges and universities, | don't think 
banks in general understand technology they 
are playing with other than being a tool to 
bring efficiency, cut costs, and maximize 
profit. Or maybe they do. A significant meme 
on the Internet is the concept that we are 
heading towards a cashless society, poten- 
tially with each one of us having a chip embed- 
ded or a some form of bar-code tattooed upon 
our being. 
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While this vision might be the domain of right 
wing crazies and religious fundamentalists, 
from a commercial standpoint, a cashless soci- 
ety would certainly reduce fraud, but in what 
proportion to electronic fraud, tax shelters and 
good old fashioned hacking would be an inter- 
esting debate indeed. 


The culture of the Internet and the banks 
seems to be at odds with each other. A while 
back, a particularly well crafted phishing email 
ended up in my in-box. The website was still 
live, so if | were uneducated in such matters | 
could easily have mistaken it for a genuine 
email if | was the customer of that particular 
bank. Concerned, and as | would not like to 
see anyone ripped off (even the banks if that 
were actually possible), | phoned their head 
office to report it. Being a weekend, | was in- 
formed there was no security team active over 
the weekend that would be able to address 
my enquiry. The phishing site was still live 
over the weekend until a take-down early Mon- 
day morning. How much customers lost finan- 
cially or in way of confidential data is un- 
known, but the lack of an adequate channel to 
report such an incident deeply concerns me. 


With the recent SWIFT attacks that have de- 
frauded the industry of millions, the industry is 
slowly getting its head round Internet fraud. 
So much so, under proposed changes pro- 
posed by banks and the UK government, cus- 
tomers may have to foot the bill for fraud 
against their accounts. This level of fraud, 
which is approaching almost three quarters of 
billion pounds per year, is not chump change. 
Maybe | am just a cynical old goat, but it is 
mighty convenient that an industry that has 


91 


not moved forward in adequate long term IT 
investment over the years (other than short 
term cost cutting to burnish the bottom line for 
shareholders) wants to kick the problem down- 
hill to the customer now that the e.coli in- 
fected brown sticky stuff has hit the ventilation 
device. 


What really yanks my chain here though is 
how a business sector having a reputation for 
lack of accountability and the credibility ap- 
proaching that of a common criminal has the 
sheer gall and arrogance to lecture young- 
sters on what their email address should be. 
They forget that on the Internet — like in the 
days of CB radio — everybody has an alter 
identity, a handle if you prefer. Sure, if you 
want to go and join a professional organiza- 
tion it is better to have a professional email ad- 
dress. The message itself is not particularly 
offensive, it is common sense really. | would 
not want to communicate with an accountant 
at scammesenseless@ripoff.ng for instance. 
However, there are industry sectors that are 
much more open to creativity and are crying 
out for young talent where this is less of a fac- 
tor. And if we are truly objective, the cultural 
move is more towards social media than cor- 
porate email. Certainly my teenage daughter 
laughs at email as being old hat. And | am 
really uncomfortable with the concept of a 
bank being an “educator”, especially as Matt 
Barrett, the chief executive of Barclays until 
2006, admitted he did not use his a credit 
card to borrow money because it was too ex- 
pensive — a message he had been urging his 
four children to adopt. Now that would have 
made a good PR campaign for teenagers. 
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By engaging with such personal dialogue, this you. 
PR campaign is close to the territory of “get 
your hair cut, remove the nose piercing, cover 
up that tattoo” otherwise you will not be ac- 
cepted and will not get a job. Which is all very 
nice and good, a classic middle class mantra, 
provided there were jobs and opportunities 
out there. So we have a very corporate, sensi- 
ble message relayed by a sector that causes 
more pain and suffering to thousands, if not 
millions of individuals by the fact that they are 
too big to fail and are a global player with all 
their fingers in the pie. Depending on where 
you rest on the political and moral spectrum, 
this campaign lands between propaganda, 
through sheer hypocrisy to wickedness. 


| wouldn't be offended so much by this futile 
attempt at social engineering if | had not had 
the pleasure to work at an international bank 
for a time and also attend interviews in the 
city of London for roles in the sector. The 
whole culture is based on judging a book by 
its cover, whether or not you wear the right tie, 
or don't have a beard. | fail on both counts. 
The arrogance in the industry is endemic. Hav- 
ing worked with the phenomenal team at 
Global 1000 (whose humility | will take to my 
grave), | believe | have had a lucky escape. 
My email address is 

linuxgreybeard@gmail.com. | have a grey 
beard and love Linux (and *BSD of course). If 
my email address offends your sweet, tender 
sensibilities, I'd really rather not hear from 
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